Penetration Testing mailing list archives

RE: Question about vulnerability scanning


From: "Shenk, Jerry A" <jshenk () decommunications com>
Date: Wed, 23 May 2007 21:05:15 -0400

If you have the local admin account, the MS Baseline Security Scanner
will definitely check for all the patches and cover the MS stuff very
well.  You can also use Nessus and if you give it logon credentials, it
can do a lot of checks on the machine.  The commercial version of Nessus
has some additional features in this area.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Andy.Kitzke () insinkerator com
Sent: Wednesday, May 23, 2007 2:49 PM
To: pen-test () securityfocus com
Subject: Question about vulnerability scanning

I had a question and was looking for some information pertaining to it.
I have no doubt that this has been covered in the past, but I can't find
any emails with it right now.


I'm looking for a good vulnerability scanner that I can run from a
single workstation/server.  I would like somewhat detailed reports about
what patches are missing and if Anti-Virus is installed.  I know there
are many solutions out that can be purchased but I'm wondering what free
solutions exist and how well they stand up to paid for solutions.


If anyone has any information on or white papers about any solutions let
me know.


Thanks!

Andy

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------




**DISCLAIMER
This e-mail message and any files transmitted with it are intended for the use of the individual or entity to which 
they are addressed and may contain information that is privileged, proprietary and confidential. If you are not the 
intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the 
message. If you have received this communication in error, please notify the sender and delete this e-mail message. The 
contents do not represent the opinion of D&E except to the extent that it relates to their official business.


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


Current thread: