Educause Security Discussion mailing list archives

Re: Vulnerability scanners - what do you use? What seems to be successful for your environment?

From: Steve Brukbacher <sab2 () UWM EDU>
Date: Wed, 2 Jun 2010 14:33:01 -0500

We're running Nexpose currently.  It's okay, but not very accurate for
Unix systems when evaluating patch levels.  Tons of false positives
because often times the way admins patch services doesnt' change the
version level that the vunl. scanner uses to determine path level.
There are things you can do about that, including loading root creds
into the vuln. scanner, which I'm not too keen on in general.  It does
fine for open ports/etc and the reporting is pretty good compared to Nessus.

So if you just want to see what the "bad guys" are seeing, I'd just use
Nessus.  If you want to do regular auditing, especially for Windows
systems, or for performing risk assessments, this might not be a bad
choice.

--
Steve Brukbacher, CISSP
University of Wisconsin Milwaukee
Information Security Architect
UWM Computer Security Web Site
www.security.uwm.edu
Phone: 414.229.2224

On 5/26/10 12:57 PM, Di Fabio, Andrea wrote:

We have been using OpenVAS since Nessus became commercialized.  We are
in the process of integrating it with metasploit autopwn. So far the
only drawback we have is the lack of built in automated comparison of
previous scans with the current one.

*From:* The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Ullman, Catherine
*Sent:* Tuesday, May 25, 2010 11:13 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* [SECURITY] Vulnerability scanners - what do you use? What
seems to be successful for your environment?

Greetings!

I am beginning to do some research into vulnerability scanners to be
used in assessing infrastructure weaknesses here at the University at
Buffalo. I’m wondering if folks out there might be willing to share with
us what they’re using, if anything, and any experiences (good or bad)
you’ve had with any of these products.

Many thanks in advance for your assistance.

Sincerely,

Cathy

Catherine J. Ullman

Information Security Analyst

Information Security Office

University at Buffalo

cende () buffalo edu <mailto:cende () buffalo edu>

Current thread:

Vulnerability scanners - what do you use? What seems to be successful for your environment? Ullman, Catherine (May 25)
- <Possible follow-ups>
- Re: Vulnerability scanners - what do you use? What seems to be successful for your environment? Jon Hanny (May 25)
- Re: Vulnerability scanners - what do you use? What seems to be successful for your environment? Alex Jalso (May 25)
- Re: Vulnerability scanners - what do you use? What seems to be successful for your environment? Mike Hanson (May 25)
- Re: Vulnerability scanners - what do you use? What seems to be successful for your environment? Isac Balder (May 25)
- Re: Vulnerability scanners - what do you use? What seems to be successful for your environment? William C. Moore II (May 25)
- Re: Vulnerability scanners - what do you use? What seems to be successful for your environment? Stewart James (May 25)
- Re: Vulnerability scanners - what do you use? What seems to be successful for your environment? Di Fabio, Andrea (May 26)
- Re: Vulnerability scanners - what do you use? What seems to be successful for your environment? John Ladwig (May 26)
- Re: Vulnerability scanners - what do you use? What seems to be successful for your environment? Steve Werby (May 28)
- Re: Vulnerability scanners - what do you use? What seems to be successful for your environment? Steve Brukbacher (Jun 02)
- Re: Vulnerability scanners - what do you use? What seems to be successful for your environment? Yonesy F. Nunez (Jun 02)
- Re: Vulnerability scanners - what do you use? What seems to be successful for your environment? Wayne Bullock (Jun 03)