Educause Security Discussion mailing list archives

Re: Distributed Vulnerability Scanning

From: "H. Morrow Long" <morrow.long () YALE EDU>
Date: Tue, 23 Aug 2005 14:23:03 -0400

Connie --

You may also wish to check out NessusWC (web client).

It had a very simplistic design goal for usability (e.g. by anyone)
so I suspect the interface is rather simple and may even lack any
access control -- I keep meaning to spend some time to bring it up
and check it out:

    http://www.securiteam.com/tools/5WP0M00GAQ.html

    http://www.frank4dd.com/nessuswc/

    http://freshmeat.net/projects/nessuswc/

http://www.networksecurityarchive.org/html/Exploits-HackingTools/2005-07/msg00056.html


- H. Morrow Long, CISSP, CISM, CEH
  University Information Security Officer
  Director -- Information Security Office
  Yale University, ITS



On Aug 23, 2005, at 12:58 PM, Sadler, Connie wrote:

Does anyone use a commercial scanner – something like Tenable? Thesoftware would allow us to set up accounts and delegate rights forsome of our system administrators to run their own scans. Themanagement console would allow us to review results from all of thescans. Does anyone use a commercial appliance and if not, doesanyone have a home-grown Nessus interface that makes using Nessusin a distributed environment easier?
Thanks…



Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC
Director, IT Security, Brown University
Box 1885, Providence, RI 02912
Connie_Sadler () Brown edu
Office: 401-863-7266
PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB
PGP Fingerprint: DA5F ED84 06D7 1635 4BC7  560D 9A07 80BA 91E3 8EFB

Current thread:

Distributed Vulnerability Scanning Sadler, Connie (Aug 23)
- <Possible follow-ups>
- Re: Distributed Vulnerability Scanning Bruce Barrett (Aug 23)
- Re: Distributed Vulnerability Scanning Phillip G Deneault (Aug 23)
- Re: Distributed Vulnerability Scanning Jeff Giacobbe (Aug 23)
- Re: Distributed Vulnerability Scanning H. Morrow Long (Aug 23)
- Re: Distributed Vulnerability Scanning Warren Raquel (Aug 23)
- Re: Distributed Vulnerability Scanning Christopher E. Cramer (Aug 23)
- Re: Distributed Vulnerability Scanning Chad McDonald (Aug 23)
- Re: Distributed Vulnerability Scanning Graham Toal (Aug 23)
- Re: Distributed Vulnerability Scanning Tristan RHODES (Aug 24)
- Re: Distributed Vulnerability Scanning patrick cain (Aug 25)