Re: Question about vulnerability scanning

["Utmost Bastard" <utmostbastard () gmail com>]

For free (and over most commercial scanners too) nothing in my eyes beats 
Nessus.

Just add SMB credentials for the scan to have admin rights to the 
workstations/servers in question.

Google away for Nessus documentation.

I also prefer the output of the Java client NessJ.

That is my two cents on the subject.

UB
----- Original Message ----- 
From: <Andy.Kitzke () insinkerator com>
To: <pen-test () securityfocus com>
Sent: Wednesday, May 23, 2007 2:48 PM
Subject: Question about vulnerability scanning


> I had a question and was looking for some information pertaining to it.  I 
> have no doubt that this has been covered in the past, but I can't find any 
> emails with it right now.
>
>
> I'm looking for a good vulnerability scanner that I can run from a single 
> workstation/server.  I would like somewhat detailed reports about what 
> patches are missing and if Anti-Virus is installed.  I know there are many 
> solutions out that can be purchased but I'm wondering what free solutions 
> exist and how well they stand up to paid for solutions.
>
>
> If anyone has any information on or white papers about any solutions let 
> me know.
>
>
> Thanks!
>
> Andy
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Are you using SPI, Watchfire or WhiteHat?
> Consider getting clear vision with Cenzic
> See HOW Now with our 20/20 program!
>
> http://www.cenzic.com/c/2020
> ------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------