Re: Vulnerability scanning and reporting software

[Kevin Halgren <kevin.halgren () WASHBURN EDU>]

There are a number of good tools out there that are open source or
otherwise free, I'm presuming you'd be most interested in those..  I've
used older versions of Retina eEye and liked it a great deal.  That
being said, you might also look at these:

Tenable Nessus 3
http://www.nessus.org/nessus/
Nessus is gold standard, in my opinion, for a simple, easy to use, and
comprehensive vulnerability scanner.  It was originally an open-source
project that has since gone closed-source, but the vulnerability scanner
can still be used and downloaded for free.  The only real caveat is that
there is a 7-day delay in the release of exploit and vulnerability
checking code when compared to the pay version.  It is also part of an
overall monitoring suite they provide, but I don't have any experience
with that.  I'd definitely check it out.

Sara
http://www-arc.com/sara/
I've heard good things about this, built from the old SATAN network
vulnerability scanner, though I've never used it myself.

Cain and Abel
http://www.oxid.it/cain.html
Probably the best password cracking tool out there, at least when
dealing with Windows systems.  It will do brute-force and dictionary
attacks, you name it.  Again, this is definitely worth your time to
check out.

Nikto
http://www.cirt.net/code/nikto.shtml
Reputed to be very good at analyzing web sites for vulnerabilities.  I
haven't used it myself.

You can find many more here as well:
http://sectools.org/

Good luck!

Kevin

Kevin Halgren
Assistant Director - Systems and Network Services
Washburn University
(785) 670-2341
kevin.halgren () washburn edu



David Taylor wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi all,
>
>
>
> As everyone else we have various systems on our campus that either
> provide critical infrastructure, hosts some kind of sensitive data,
> etc. We call these Critical Hosts and have a database to keep track of
> them.
>
>
>
> We would like to take a more proactive step in ensuring they are
> up-to-date with patches (OS and 3rd party), identify weak passwords
> and other weaknesses.  We are a decentralized campus for the most part
> and dont have a campus-wide Active Directory infrastructure.
>
>
>
> Our Critical Hosts run various operating systems which include
> Microsoft Windows, UNIX, Linux and Mac  OS X. We are hoping to find a
> solution that will be compatible on these platforms and have the
> ability to send alerts to a central console so that we can check the
> status of each system on a monthly (or on demand) basis.
>
>
>
> We had eEye Digital come out to give us a presentation on their Retina
> and REM console.  I was hoping that some of you might have some
> suggestions for other Vendors that do this type of thing.  We would
> like to get a list together and compare functionality and cost then
> maybe evaluate.
>
>
>
> We would appreciate any suggestions.
>
>
>
>
> - -------------------------------
> David Taylor
> University of Pennsylvania
> Office of Information Security
> 215-898-1236
> - -------------------------------
>
>
>
> The information contained in this e-mail message is intended only for
> the personal and confidential use of the recipient(s) named above. If
> the reader of this message is not the intended recipient or an agent
> responsible for delivering it to the intended recipient, you are
> hereby notified that you have received this document in error and that
> any review, dissemination, distribution, or copying of this message is
> strictly prohibited. If you have received this communication in error,
> please notify us immediately by e-mail, and delete the original message.
>
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: 9.6.3 (Build 3017)
>
> wj8DBQFHKgDDrFOwyUiOUlwRAjoIAJ0R6+2sW++4sc+XOw5U9ydrnSSDmwCgqMA9
> aPJMDIdd8Ch2QmCoUZ9b/2k=
> =UicG
> -----END PGP SIGNATURE-----