Re: so, is I[dp]S a STUPID technology?

[Valdis.Kletnieks () vt edu]

On Tue, 11 Oct 2005 17:13:35 CDT, Paul Schmehl said:
> If you can recommend an *enterprise* capable vulnerability scanner (IOW one 
> that I can schedule massive scanning events for a class A *and* class B 
> network and then go look at the results when I have time)

How much of that class A is *actually* used?  Your site can't be *that* much
bigger than ours, and we fit (mostly) into 2 /16s.

If you insist on scanning 2**24 addresses to find 2**16 hosts, that's your business.
But you're working 256 times too hard. ;)

> Nessus?  Nessus is useful on a one-off basis, but I need a vuln scanner 
> that will work in the background, 24/7 and generate *useful* reports that 
> tell me where my problems are.  I'm not aware of one that does that that I 
> can afford.  Are you?

There was this nice Nessus framework from Purdue, I don't have the URL handy at
the moment.  Basically had a front end box that load-balanced across a bunch of
Nessus scanning engines.  Costs twice as much as the base Nessus. ;)

Attachment: _bin
Description:

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.