Educause Security Discussion mailing list archives

Re: Vulnerability Scanning


From: Daniel Adinolfi <dra1 () CORNELL EDU>
Date: Mon, 30 Aug 2004 10:36:40 -0400

On Aug 30, 2004, at 09:47, Walsh, Brian R. (Information Services) wrote:

How frequently and how thoroughly does everyone perform vulnerability
scanning? Do you use commercial tools (Qualys, eEye, etc.), free tools
(Nessus, etc.), or outside services? Thanks!


Cornell has a site license for ISS.  We offer a scanning service to
campus through two models.  The first model is where a local support
provider (or Audit Office) asks the Security Office to scan certain
subnets or systems for them.  The second model is where we cut keys for
local support providers to allow them to scan their own subnets and
systems whenever they wish.  This allows us to support both the
high-end and low-end technical folk on campus.

We also use Nessus for scripted scanning on our ResNet and whenever we
want more than just ISS.  There are a bunch of other scanning tools we
will use depending on the situation, as well.  nmap is a tool we use
daily, for example.  Currently, I am evaluating a tool called
AppDetective for scanning databases and web servers, which seems pretty
useful so far.

-Dan
_________________
Daniel Adinolfi, CISSP
Senior Security Engineer, IT Security Office
Cornell University - Office of Information Technologies
email: dra1 () cornell edu   phone: 607-255-7657

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.
