Description:
Internet Scanner is an agentless, non-intrusive vulnerability scanner. It performs best on Windows machines and NetWare servers. Expect more false positives on Unix systems. Its vulnerability finding and reporting abilities are on par with its competitors. Overall it is a capable and usable vulnerability scanning solution, though it tends to have more false positives than other scanners.
Strengths:
· Good vulnerability find rate
· Clear and understandable reporting
· No agents required on client machines
· Good results on Windows systems
· Targets webservers, firewalls, and all other discovered machines on local intranet
· Specifically looks for SANS top 20
· No scanning limit
· ISS creates a list of top catastrophic bugs and allows you to scan for these. Once found, a virtual patch can be created for protection.
Weaknesses:
· False positives on Unix machines
· Relies entirely on db of vulnerability signatures, will not find new bugs
· Won't discover missing patches
Target:
any public machine
Mitigation/Recommendation:
patched and updated machine
Price:
old version (6.1) was $2795 for 30 devices in 2000. Not sure of current price.
Penetration (6):
Medium
Simplicity (9):
Beginner. The canned scans are easy to run. Results are easy to interpret, but in most cases it would take moderate skill to create an exploit based on what is learned. A hacker will have to either find a canned exploit and figure out how to deploy it to the target or write their own.
Damage Potential (1):
Minimal. Data collection only.