IDS mailing list archives

Re: Cisco CTR

From: Ron Gula <rgula () tenablesecurity com>
Date: Thu, 20 Nov 2003 09:37:46 -0500

At 04:54 AM 11/20/2003 -0700, Mark Teicher wrote:

Just curious on how NeVO compares to Intrusec Expose ??


I have not seen Expose recently, but my thought was that it
was a continuous low-volume active scan that could launch
other vulnerability scanners when change was detected. NeVO
does the same sort of thing, but passively through network
packet/session monitoring. Besides looking for change in the
network, it also looks for the vulnerability. NeVO needs to
wait for a packet to be sent before it sees a host, port,
client, server or vulnerability. If folks deploy NeVO with
a Lightning Console, they can launch distributed Nessus scans
if they see a system or a vulnerability data that they would
like to follow up with an active scan.

Ron Gula
Tenable Network Security
http://www.tenablesecurity.com





---------------------------------------------------------------------------
---------------------------------------------------------------------------

Current thread:

Re: Cisco CTR, (continued)
- - - Re: Cisco CTR Martin Roesch (Nov 19)
    - Re: Cisco CTR Ron Gula (Nov 19)
    - Re: Cisco CTR Martin Roesch (Nov 20)
    - Re: Cisco CTR Ron Gula (Nov 19)
    - Re: Cisco CTR Renaud Deraison (Nov 19)
    - Re: Cisco CTR Martin Roesch (Nov 19)
    - Re: Cisco CTR Renaud Deraison (Nov 20)
    - Re: Cisco CTR Martin Roesch (Nov 20)
    - Re: Cisco CTR Renaud Deraison (Nov 20)
    - Message not available
    - Re: Cisco CTR Mark Teicher (Nov 20)
    - Re: Cisco CTR Ron Gula (Nov 20)
    - RE: Cisco CTR David J. Meltzer (Nov 25)
    - Re: Cisco CTR Martin Roesch (Nov 27)
- RE: Cisco CTR Bohling James CONT JBC (Nov 26)
- RE: Cisco CTR Teicher, Mark (Mark) (Nov 26)