Re: ISS vs. CyberCop - My findings.
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
Re: ISS vs. CyberCop - My findings.
- To: NTBUGTRAQ
LISTSERV.NTBUGTRAQ.COM
- Subject: Re: ISS vs. CyberCop - My findings.
- From: Elliot Turner <turnereMIMESTAR.COM>
- Date: Tue, 11 Aug 1998 19:46:28 -0400
- Reply-To: Elliot Turner <turnereMIMESTAR.COM>
- Sender: Windows NT BugTraq Mailing List <NTBUGTRAQLISTSERV.NTBUGTRAQ.COM>
> -----Original Message-----
> From: John Seitzinger [SMTP:john.seitzingerreeseweb.com]
> Sent: Tuesday, August 11, 1998 12:14 PM
> To: 'Steve Manzuik'; NTBUGTRAQLISTSERV.NTBUGTRAQ.COM
> Subject: RE: ISS vs. CyberCop - My findings.
>
> When researching scanners I recommend doing a search at Network
> Computing's
> Web site (the URL escapes me at the moment). CyberCop is not Network
> Associates product. As with most of their stuff, it is licensed from
> another company (in this case Cisco Systems).
>
[Steve Manzuik] SNIP
Actually, CyberCop used to be Ballistia which was a Secure Networks
Product. Secure Networks (A company based in Calgary, AB, Canada, yaaah!
Go Calgary! Go Canada, hehe)was bought by NAI.
You are right about the "more vulnerabilities" I found that a lot of
the ones that CyberCop came up with were not actual vulnerabilities but just
a bunch of cool things like router dumps and SMNP queries.
The ISS product does a great job and they have great support, but to
me, it APEARS that CyberCop does a little more when doing the scans.
------------
Actually, you are both right. NAI got technology from both Cisco and Secure Networks.
"CyberCop" is not one single product, but a suite of different products.
CyberCop Scanner was "Ballista" from Secure Networks.
CyberCop Network uses an intrusion detection engine licensed from Cisco (Cisco
purchased Wheelgroup, the original producer of the intrusion detection engine (ie: netranger)
(Note: NetRanger is not CyberCop Network. They just both use the same underlying intrusion
detection engine)
