RE: Online Scanning Services Vrs. Stand Alone Applications

-----BEGIN PGP SIGNED MESSAGE-----
> The second part of the question is, are their any technical
> advantages between the two setups? I understand this overlaps with
> the
> first question
> but I ask this after having searched for good writeups and
> came out with
> very little.

• From what I have seen, the main difference is that stand alone applications tend to me a lot more thorough, deploying tests of an aggressive nature an online scanner simply cannot afford.

On the other hand, online scanning is usually a lot easier to use, being targetted at the end user. Stand alone vulnerability scanners should be used by qualified auditors only. I have seen a couple of crashes and system instability caused by vulnerability scanners like Nessus or eEye Retina.

Still, the main advantage of stand alone vulnerability scanners is that they can be deployed anywhere (DMZ, intranet, etc.), while online scanning is limited to the Internet perimeter.

Just my ?0,02

• -- Filipe Custodio CISSP, GSNA Senior Security Consultant

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQEVAwUBPl3rWPicSwtnqcbDAQGo3AgAzAZMNEyKncFU9DuCWQG2CcLaBN5H3S2W WcfAMjy/gg0koBwTd/AWhsFRgIXG6M3ZQ2LTk1drFj9vIoVXhqi7BLZmX9zsueEw H8uyquTO00dNG42g2q4OMkIqaHCzxvDyRVy1PABm2H0NHpAgq8bubs4BBbyanruY KTDpSgUNOrmqSW3wdSVMPcWZoD675Q4AdKjG3KiPIV0gR/iojZgyPJPDhD1yEEmt oxd4+vVDTwpeF2Rb60QgElaJCkQafWO8RKzMuRtnN8w91pzBVZBEpqj3idBd91nw +pnrX43EicxBJk6Otf7ucL82bIFJRtB93YO2RqZ/uqq2aQ8nBc4eXQ== =H4Mx
-----END PGP SIGNATURE-----