Re: Security Assessment Tools

[Bill Ogle <info () COMPLYGUARDNETWORKS COM>]

Check out http://www.complyguardnetworks.com for a standards based
assessment tool.
All universities are merchants (tuition, bookstore, stadium, food services)
and need to be PCI compliant. ComplyGuard provides low cost testing on their
portal and they have an appliance for use behind the firewall.



-----Original Message-----
From: John Tooley [mailto:jtooley () CSUN EDU]
Sent: Monday, October 30, 2006 5:35 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Security Assessment Tools


Check out Tenable Nessus. I use with great results.

Tenable offers the power of the Nessus vulnerability scanner for the
Microsoft Windows platform. Nessus For Windows is a stand-alone
vulnerability scanner. It is ideal for usage by a security consultant who
wishes to conduct a vulnerability audit, or by a Microsoft Windows
administrator who wishes to audit their network.

The Windows version of Nessus runs the same vulnerability checks as the Unix
version and also supports custom NASL checks written for Nessus by Tenable,
third parties and the Nessus user community.

Nessus website: www.nessus.org

Free if you do not subscribe to the "live feed"...

John

John R. Tooley, CISSP, GIAC
Information Security Analyst
California State University, Northridge

-----Original Message-----
From: John Kaftan [mailto:jkaftan () UTICA EDU]
Sent: Monday, October 30, 2006 2:07 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Security Assessment Tools

I am researching Security Assessment Tools and I am wondering what folks are
using.  I am not a Unix guy so I am sure that limits a bunch.  I am looking
to scan Windows XP machines, Windows 2003 server and it would be nice to be
able to scan our Unix boxes.

I also want to be able to scan our Cisco switches for vulnerabilities.


Thanks Much;

John Kaftan
Utica College
Network Engineer