Beyond ip security and Nessus

Discussion in 'other security issues & news' started by zillah, Feb 4, 2007.

Thread Status:
Not open for further replies.
  1. zillah

    zillah Registered Member

    Joined:
    Mar 9, 2006
    Posts:
    29
    The representative of this company :

    http://www.beyondip.com/pages/Support/support.htm

    has stated the device of this company has no impact on any network device during its vulnerabilities scan, though if it is peak time.

    Any insight ?

    If we want to do comparison between it and Nessus

    The device as representative mentioned it is a special dell box compatible with the specific Linux OS designed for this purpose (vulnerabilities scan).
     
  2. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado
    FAQ PDF
    http://www.beyondip.com/downloads/Beyond-IP_FAQs.pdf

    1. this seems flawed to my mind in the age of crime syndicates

    2. vulnerability scanners while useful are also flawed in an age when trojans incorporate port knocking

    3. its my understanding that a combination of honeynets and traffic monitoring is in ascendancy over traditional scanning

    4. Id personally ask over at SANS as well https://lists.sans.org/mailman/listinfo

    5. Like you I wouldnt trust a salesman further than I can throw them :p

    6. Id craft several search queries around nessus, nmap, snort, port knocking, honeynet, beyodIP, Securiteam, SANS, rootkit
    in various combinations and then investigate the returns. (http://www.searchlores.org/tips.htm)

    7. However my responsibilities have never included defending a network of any considerable size, and while Ive used nessus (old freeware days), I havent used beyondIP.
     
    Last edited: Feb 5, 2007
  3. zillah

    zillah Registered Member

    Joined:
    Mar 9, 2006
    Posts:
    29
    Thanks for this input
    Since you have used nessus, since you have used old freeware , I guess that you have used Linux platform, because at that day there was no windows paltform.

    Is there any concern you have to pay attention when you use nessus ? like scan peack or off peack time ? like any locked out that an application can get when you use nessus ? or any other issue that you have experienced ?
     
  4. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado
    yes there was, I still have nessusWX it will run the older databases.I don't know how long that was available before the DBs went to a paid platform, I used it rather infrequently and was surprised when I tried to update the DB last time. (EDIT looking at the history I probably got it around 2002 or so)

    (Im just learning Linux "for real" now, been using LiveCDs, portables and full GUI distros without a real understanding for a few years)

    Like I said with Nessus it wasnt a network of any size at all, "traffic" if you could call it that was 90% internal transfer (which wasn't really happening when Id run it) So Im really not a great source for info. I basically employed it as an augment for external port scanners. Good at finding the obvious but past that...

    now I use ATK for basically the same thing. Again opensource w\ a Win32 port.
    (EDIT LOL its natively Win32 sorry)

    http://www.computec.ch/projekte/atk/
     
    Last edited: Feb 6, 2007
  5. zillah

    zillah Registered Member

    Joined:
    Mar 9, 2006
    Posts:
    29
    FYI, It is still free
     
  6. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado
    thought the DB's werent free anymore? (I know there was a reason I went off and found ATK. LOL but my brain isnt dredging it up :p)
     
Loading...
Thread Status:
Not open for further replies.