Educause Security Discussion mailing list archives

Re: Distributed Vulnerability Scanning


From: patrick cain <pcain () COOPERCAIN COM>
Date: Thu, 25 Aug 2005 10:39:30 -0400

Connie,

We have set up Nessus on a Linux box, then added a web server, then installed
the 'inprotect' web front end for Nessus.
The inprotect stuff is a web-based front end that allows for different
privileges, different scan profiles, and uses a database backend to save
everything. It manages the whole Nessus scanning operation. The database
makes it quite easy to see the differences between scans on a server a year
apart, too, or to see if the sysadmin corrected the issues. :) The web front
end also makes it easy for non-geeks (e.g., audit staff, some sysadmins,
etc) to scan machines. And since every scan gets saved in the database, we
can view the results quite easily.

Pat Cain
Boston College
(soon to be spammed by all kinds of vendors, no doubt)

-----Original Message-----
From: Sadler, Connie [mailto:Connie_Sadler () BROWN EDU]
Sent: Tuesday, August 23, 2005 12:58 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Distributed Vulnerability Scanning



Does anyone use a commercial scanner - something like Tenable? The software
would allow us to set up accounts and delegate rights for some of our system
administrators to run their own scans. The management console would allow us
to review results from all of the scans. Does anyone use a commercial
appliance and if not, does anyone have a home-grown Nessus interface that
makes using Nessus in a distributed environment easier?



Thanks.



Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC
Director, IT Security, Brown University
Box 1885, Providence, RI 02912
Connie_Sadler () Brown edu
Office: 401-863-7266
PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB
PGP Fingerprint: DA5F ED84 06D7 1635 4BC7  560D 9A07 80BA 91E3 8EFB




