RE: Distributed Vulnerability Scanners

Hi,
Qualys has now an Intranet Scanner appliance. You can put 5 (or more..) of them on different places in the network and 1 web interface to manage them all. Qualys will distribute all the Scan to appropriate box.

Regards,

Max

-----Original Message-----
From: Kohlenberg, Toby [mailto:toby.kohlenberg@intel.com] Sent: vendredi 7 mars 2003 00:34
To: pen-test@securityfocus.com
Subject: RE: Distributed Vulnerability Scanners

I've heard a couple people mention scanning services that offer appliances that you can bring in house, but do those actually run in a distributed fashion?

For this case, here's the definition I'd use for distributed: from a single console, I am able to set up a scan across a block of IP addresses, those addresses are then automatically split up according to some rules (by subnet or whatever) and sent out to scanning systems that are responsible for scanning those groups of IPs. They run the scans and send the results back to the central server.

The central server should also be able to push test updates down to the scanning systems.

Maybe in an ideal world the scan jobs would have an approval path that would check with the owner of the network/environment about to be scanned before executing it. Or at least give them a day or two to object before running the scan.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

It's easy to set up a single box that is remotely managed and does all the scanning for an environment, but that doesn't work so well when some of your networks are at the other end of slow or expensive links.

toby

> -----Original Message-----

Are your vulnerability scans producing just another report? Manage the entire remediation process with StillSecure VAM's Vulnerability Repair Workflow. Download a free 15-day trial: http://www2.stillsecure.com/download/sf_vuln_list.html

Are your vulnerability scans producing just another report? Manage the entire remediation process with StillSecure VAM's Vulnerability Repair Workflow.
Download a free 15-day trial:
http://www2.stillsecure.com/download/sf_vuln_list.html Received on Fri Mar 7 15:00:41 2003