Educause Security Discussion mailing list archives
Re: Vulnerability scanners - what do you use? What seems to be successful for your environment?
From: Steve Brukbacher <sab2 () UWM EDU>
Date: Wed, 2 Jun 2010 14:33:01 -0500
We're running Nexpose currently. It's okay, but not very accurate for Unix systems when evaluating patch levels. Tons of false positives because oftentimes the way admins patch services doesn't change the version level that the vuln. scanner uses to determine patch level. There are things you can do about that, including loading root creds into the vuln. scanner, which I'm not too keen on in general. It does fine for open ports/etc. and the reporting is pretty good compared to Nessus.

So if you just want to see what the "bad guys" are seeing, I'd just use Nessus. If you want to do regular auditing, especially for Windows systems, or for performing risk assessments, this might not be a bad choice.

--
Steve Brukbacher, CISSP
University of Wisconsin Milwaukee
Information Security Architect
UWM Computer Security Web Site
www.security.uwm.edu
Phone: 414.229.2224

On 5/26/10 12:57 PM, Di Fabio, Andrea wrote:
We have been using OpenVAS since Nessus became commercialized. We are in the process of integrating it with metasploit autopwn. So far the only drawback we have is the lack of built-in automated comparison of previous scans with the current one.

*From:* The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of* Ullman, Catherine
*Sent:* Tuesday, May 25, 2010 11:13 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* [SECURITY] Vulnerability scanners - what do you use? What seems to be successful for your environment?

Greetings!

I am beginning to do some research into vulnerability scanners to be used in assessing infrastructure weaknesses here at the University at Buffalo. I’m wondering if folks out there might be willing to share with us what they’re using, if anything, and any experiences (good or bad) you’ve had with any of these products.

Many thanks in advance for your assistance.

Sincerely,
Cathy

Catherine J. Ullman
Information Security Analyst
Information Security Office
University at Buffalo
cende () buffalo edu