Security Basics mailing list archives

Re: Host Based Vulnerability Scanner


From: Todd Haverkos <infosec () haverkos com>
Date: Mon, 19 Dec 2011 17:43:07 -0600

Jeffrey Walton <noloader () gmail com> writes:

> On Mon, Dec 19, 2011 at 4:40 PM, Thugzclub Thugzclub
> <thugzclub () googlemail com> wrote:
>> Hi guys,
>>
>> I am looking for a host based vulnerability scanning application.
>>
>> I know Nessus and other tools can scan network facing applications and
>> tell you whether they are vulnerable or not but I am looking for a host
>> based solution similar to Secunia PSI
>
> On Windows, consider Microsoft Baseline Security Analyzer (MBSA),
> http://technet.microsoft.com/en-us/security/cc184924. MBSA will also
> work over the network if the correct credentials are supplied, the
> host firewall is open, and remote registry access is granted (IIRC).

MBSA is useful and free for Office and OS vulns, but it's probably
worth mentioning that third party web plugins (Java, Flash, Reader,
Quicktime etc, where most of the problems lie lately) are not covered
by MBSA.

Too many client sites I see aren't patching third party
plugins... mostly for want of resources to do it, a lack of awareness
of the seriousness of the problem, and the fact that patching those at
scale ... is FAR from simple.  Microsoft WSUS+SCCM + a Shavlik
SCUPdates license is about as cheaply as you can get away with it
unless you have someone handy who has sufficient skill to create, 
test, debug, and chase down failures in SMS packages. 

If others have low cost solutions that give small businesses a chance
with these, please share! 

Best Regards, 
--
Todd Haverkos, LPT MsCompE
http://haverkos.com/
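
An added example, not part of the original message or of any tool named in the thread: a PowerShell sketch that inventories the third-party plugins the message says MBSA does not cover, by reading the registry uninstall keys on the local host and comparing each version with a baseline. The display-name patterns and the minimum versions are assumptions constructed for illustration; replace them with the names seen in your environment and the current vendor releases.

```powershell
# Baseline of third-party plugins to check. Patterns and versions are
# constructed sample values, not vendor guidance.
$Baseline = @(
    @{ Pattern = 'Java*Update*';        MinVersion = '7.0.0'    },
    @{ Pattern = 'Adobe Flash Player*'; MinVersion = '11.0.0.0' },
    @{ Pattern = 'Adobe Reader*';       MinVersion = '10.0.0'   },
    @{ Pattern = 'QuickTime*';          MinVersion = '7.0.0'    }
)

# Machine-wide uninstall entries, 64-bit and 32-bit views.
# Per-user installs under HKCU are not covered by this sketch.
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Return a [version], or $null when the string cannot be parsed
# (empty value, single number, vendor-specific suffixes).
function ConvertTo-VersionOrNull([string]$Text) {
    try { [version]$Text } catch { $null }
}

# Entries without a DisplayName are patches or components; skip them.
$Installed = @(Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName })

$Report = foreach ($Rule in $Baseline) {
    $Need = [version]$Rule.MinVersion
    $Hits = @($Installed | Where-Object { $_.DisplayName -like $Rule.Pattern })
    foreach ($App in $Hits) {
        $Have = ConvertTo-VersionOrNull $App.DisplayVersion
        # An unparsable version is reported, never silently treated as current.
        $Status = if ($null -eq $Have) { 'Unknown' } elseif ($Have -lt $Need) { 'Outdated' } else { 'OK' }
        New-Object PSObject -Property @{
            Host      = $env:COMPUTERNAME
            Product   = $App.DisplayName
            Installed = $App.DisplayVersion
            Minimum   = $Rule.MinVersion
            Status    = $Status
        }
    }
}

$Report | Sort-Object Status, Product |
    Format-Table Host, Product, Installed, Minimum, Status -AutoSize
```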
