Wednesday, January 3, 2007

Review of 12 Vulnerability Scanners

http://www.askapache.com/2006/security/vulnerability-scanners-review.html

http://it.slashdot.org/it/06/12/31/1746211.shtml

1. ISS Internet Security Systems
2. SSS Shadow Security Scanner
3. Retina eEye
4. Nessus
5. GFI LANguard Network Security Scanner
6. Qualys www.qualys.com
7. Nstealth Security Scanner www.nstalker.com
8. Nikto
9. Whisker
10. Infiltrator infiltration-systems.com
11. Nscan


Am I wrong to think that vulnerability could be tested from the BackTrack Live CD?
http://www.remote-exploit.org/index.php/BackTrack

* Most of these are completely outdated, and easily miss newer security holes (maybe apart from CORE, which is a commercial and expensive scanner).
* They are loud and noisy and, due to using well-known shellcode and attack patterns, extremely prone to setting off IDS systems.
* They are, in comparison to Nmap + version scan + personal archive of public exploits, very

http://www.networkcomputing.com/1201/1201f1b1.html
