Educause Security Discussion mailing list archives
Re: Vulnerability Scanning Problem
From: Wang Cheng <ChengW () SACREDHEART EDU>
Date: Tue, 12 Dec 2006 01:52:29 -0500
Hi Kim, It seems odd to me that a vulnerability scanner would skip a host simply because it can't ping that host. I would ask your vendor about that maybe it's just a misconfiguration. You might want to take a look at Nessus (it's free so no harm in trying) if anything else at least to compare results. If your users are joined to your domain, you can push a Windows Firewall policy to allow ICMP echo reply, then on the network side permit ICMP only from your scanner's IP to traverse to your hosts. I would not recommend doing this though. Regards, Wang Cheng Information Security Officer Sacred Heart University chengw () sacredheart edu ________________________________ From: Logan, Kimberly (loganks) [mailto:LOGANKS () UCMAIL UC EDU] Sent: Monday, December 11, 2006 3:55 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Vulnerability Scanning Problem Hi Everyone, Sorry if this has already been discussed, but.... The University of Cincinnati is using Rapid7's NeXpose as our OS level vulnerability scanner. Last week, we scanned 57 IP addresses and only got returns on 14. We believe the reason is that Microsoft SP2 installed the firewall with ICMP blocked. We don't necessarily want to have it unblocked for all devices, but we need to be able to scan our devices on all subnets. Has anyone experienced this problem and have you been able to find any workarounds without opening things up? Thanks, Kim Kim Logan Information Security Officer University of Cincinnati (513)556-9070 kim.logan () uc edu
Current thread:
- Vulnerability Scanning Problem Logan, Kimberly (loganks) (Dec 11)
- <Possible follow-ups>
- Re: Vulnerability Scanning Problem Michael Hornung (Dec 11)
- Re: Vulnerability Scanning Problem Wang Cheng (Dec 11)
- Re: Vulnerability Scanning Problem Wyman Miles (Dec 12)
- Re: Vulnerability Scanning Problem Graham Toal (Dec 12)
- Re: Vulnerability Scanning Problem Curt Wilson (Dec 12)
- Re: Vulnerability Scanning Problem Russell Fulton (Dec 12)
- Re: Vulnerability Scanning Problem Curt Wilson (Dec 13)
- Re: Vulnerability Scanning Problem Michael Hornung (Dec 13)
- Re: Vulnerability Scanning Problem Mike Wiseman (Dec 13)
- Re: Vulnerability Scanning Problem Russell Fulton (Dec 13)
- Re: Vulnerability Scanning Problem Curt Wilson (Dec 15)
- Re: Vulnerability Scanning Problem Randy Marchany (Dec 15)