Educause Security Discussion mailing list archives
Re: Vulnerability scanning and reporting software
From: "Beasley, Cam" <cam () AUSTIN UTEXAS EDU>
Date: Thu, 1 Nov 2007 14:06:33 -0500
David -- you might also consider SAINTscanner/SAINTmanager: http://www.saintcorporation.com/

We are working with SAINT to ensure that their product can federate nicely in a large, distributed environment, so that we can allow our dept IT support staff to scan themselves when they want, using their credentials to help eliminate false positives. While we are long-time Nessus users, we find that the SAINT reports are easier for the end-users to consume. We also appreciate the back-end flexibility and access to source that SAINT offers.

~cam.

--
Cam Beasley
Chief Information Security Officer
Information Security Office
The University of Texas at Austin
cam () infosec utexas edu | 512.475.9242

From: Kevin Halgren <kevin.halgren () WASHBURN EDU>
Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Thu, 1 Nov 2007 13:10:50 -0500
To: <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Vulnerability scanning and reporting software

There are a number of good tools out there that are open source or otherwise free; I'm presuming you'd be most interested in those. I've used older versions of Retina eEye and liked it a great deal. That being said, you might also look at these:

Tenable Nessus 3
http://www.nessus.org/nessus/
Nessus is the gold standard, in my opinion, for a simple, easy-to-use, and comprehensive vulnerability scanner. It was originally an open-source project that has since gone closed-source, but the vulnerability scanner can still be downloaded and used for free. The only real caveat is that there is a 7-day delay in the release of exploit and vulnerability checking code when compared to the pay version. It is also part of an overall monitoring suite they provide, but I don't have any experience with that. I'd definitely check it out.

Sara
http://www-arc.com/sara/
I've heard good things about this, built from the old SATAN network vulnerability scanner, though I've never used it myself.

Cain and Abel
http://www.oxid.it/cain.html
Probably the best password cracking tool out there, at least when dealing with Windows systems. It will do brute-force and dictionary attacks, you name it. Again, this is definitely worth your time to check out.

Nikto
http://www.cirt.net/code/nikto.shtml
Reputed to be very good at analyzing web sites for vulnerabilities. I haven't used it myself.

You can find many more here as well: http://sectools.org/

Good luck!
Kevin

Kevin Halgren
Assistant Director - Systems and Network Services
Washburn University
(785) 670-2341
kevin.halgren () washburn edu

David Taylor wrote:

Hi all,

As everyone else, we have various systems on our campus that either provide critical infrastructure, host some kind of sensitive data, etc. We call these Critical Hosts and have a database to keep track of them. We would like to take a more proactive step in ensuring they are up-to-date with patches (OS and 3rd party) and in identifying weak passwords and other weaknesses.

We are a decentralized campus for the most part and don't have a campus-wide Active Directory infrastructure. Our Critical Hosts run various operating systems, which include Microsoft Windows, UNIX, Linux and Mac OS X. We are hoping to find a solution that will be compatible on these platforms and have the ability to send alerts to a central console so that we can check the status of each system on a monthly (or on-demand) basis.

We had eEye Digital come out to give us a presentation on their Retina and REM console. I was hoping that some of you might have some suggestions for other vendors that do this type of thing. We would like to get a list together and compare functionality and cost, then maybe evaluate.

We would appreciate any suggestions.

-------------------------------
David Taylor
University of Pennsylvania
Office of Information Security
215-898-1236
-------------------------------

The information contained in this e-mail message is intended only for the personal and confidential use of the recipient(s) named above. If the reader of this message is not the intended recipient or an agent responsible for delivering it to the intended recipient, you are hereby notified that you have received this document in error and that any review, dissemination, distribution, or copying of this message is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail, and delete the original message.
Current thread:
- Vulnerability scanning and reporting software David Taylor (Nov 01)
- <Possible follow-ups>
- Re: Vulnerability scanning and reporting software Kevin Halgren (Nov 01)
- Re: Vulnerability scanning and reporting software Beasley, Cam (Nov 01)
- Re: Vulnerability scanning and reporting software Ferris, Joe (Nov 01)
- Re: Vulnerability scanning and reporting software David Taylor (Nov 02)
- Re: Vulnerability scanning and reporting software Adam Goldstein (Nov 05)