Educause Security Discussion mailing list archives
Re: Distributed Vulnerability Scanning
From: patrick cain <pcain () COOPERCAIN COM>
Date: Thu, 25 Aug 2005 10:39:30 -0400
Connie, We have setup nessus on a linux box, then added a web server, then installed the 'inprotect' web front end for nessus. The inprotect stuff is a web-based front end that allows for different privileges, different scan profiles, and uses a database backend to save everything. It manages the whole nessus scanning operation. The database makes it quite easy to see the differences between scans on a server a year apart, too, or to see if the sysadmin corrected the issues. :) The web front end also makes it easy for non-geeks (e.g., audit staff, some sysadmins, etc) to scan machines. And since every scan gets saved in the database, we can view the results quite easily. Pat Cain Boston College (soon to be spammed by all kinds of vendors, no doubt) -----Original Message----- From: Sadler, Connie [mailto:Connie_Sadler () BROWN EDU] Sent: Tuesday, August 23, 2005 12:58 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Distributed Vulnerability Scanning Does anyone use a commercial scanner - something like Tenable? The software would allow us to set up accounts and delegate rights for some of our system administrators to run their own scans. The management console would allow us to review results from all of the scans. Does anyone use a commercial appliance and if not, does anyone have a home-grown Nessus interface that makes using Nessus in a distributed environment easier? Thanks. Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC Director, IT Security, Brown University Box 1885, Providence, RI 02912 Connie_Sadler () Brown edu Office: 401-863-7266 PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB <blocked::http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB> PGP Fingerprint: DA5F ED84 06D7 1635 4BC7 560D 9A07 80BA 91E3 8EFB
Current thread:
- Distributed Vulnerability Scanning Sadler, Connie (Aug 23)
- <Possible follow-ups>
- Re: Distributed Vulnerability Scanning Bruce Barrett (Aug 23)
- Re: Distributed Vulnerability Scanning Phillip G Deneault (Aug 23)
- Re: Distributed Vulnerability Scanning Jeff Giacobbe (Aug 23)
- Re: Distributed Vulnerability Scanning H. Morrow Long (Aug 23)
- Re: Distributed Vulnerability Scanning Warren Raquel (Aug 23)
- Re: Distributed Vulnerability Scanning Christopher E. Cramer (Aug 23)
- Re: Distributed Vulnerability Scanning Chad McDonald (Aug 23)
- Re: Distributed Vulnerability Scanning Graham Toal (Aug 23)
- Re: Distributed Vulnerability Scanning Tristan RHODES (Aug 24)
- Re: Distributed Vulnerability Scanning patrick cain (Aug 25)