Full Disclosure mailing list archives
Re: Comparison of Network Security Scanners
From: "Gregory A. Gilliss" <ggilliss () netpublishing com>
Date: Thu, 1 Jul 2004 13:46:08 -0700
On my *first* day at my current employer (a large network appliance vendor), we had a situation similar to this. One of these "independent evaluators" informed my employer that they were evaluating my employer's product, and that my employer had 24 hours to respond to their evaluation before they submitted their results. Basically these people were contracted by one of my employer's competitors to "evaluate" the competing products and publish the results. My employer's investigation revealed that these people obtained their equipment (with back level software) through a "gray market" vendor, and that their "tests" included such things as not configuring the hardware prior to testing. In summary, these "independent evaluators" appear to be nothing more than paid agent provocateurs who publish "results" designed to promote one specific product over the competition. BTW, I am not implying that *all* such testing organs are of this caliber, however caveat emptor. G On or about 2004.07.01 21:35:12 +0000, Anders B Jansson (hdw () kallisti se) said:
And to everyones surprise their own product came out on top! Wow, it has to be good, film at 11 // anders Alexander wrote:Hi all! Comparison of Network Security Scanners: http://www.maxpatrol.com/pd_cmp2.asp In this survey the following products were tested: 1 IS - Internet Scanner 7.0 Internet Security Systems http://www.iss.net 2 LG - LanGuard 3.2 GFI http://www.gfi.com 3 Ns - Nessus 2.0.6 Renaud Deraison< http://www.nessus.org 4 NR - NetRecon 3.6 Symantec http://www.symantec.com 5 Rt - Retina 4.9.97 eEye Digital Security http://www.eeye.com 6 MP - MaxPatrol 7.0 Positive Technologies http://www.maxpatrol.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
-- Gregory A. Gilliss, CISSP E-mail: greg () gilliss com Computer Security WWW: http://www.gilliss.com/greg/ PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Comparison of Network Security Scanners Alexander (Jul 01)
- Re: Comparison of Network Security Scanners Anders B Jansson (Jul 01)
- Re: Comparison of Network Security Scanners Gregory A. Gilliss (Jul 01)
- RE: Comparison of Network Security Scanners Alexander (Jul 02)
- Re: Comparison of Network Security Scanners insecure (Jul 02)
- RE: Comparison of Network Security Scanners pigrelax (Jul 08)
- Re: Comparison of Network Security Scanners Gregory A. Gilliss (Jul 01)
- Re: Comparison of Network Security Scanners Anders B Jansson (Jul 01)
- Re: Comparison of Network Security Scanners Christopher Blume (Jul 01)