WhiteHatWorld Webinar - Vulnerabiltiy Management Thought Leadership Webcast
August 2, 2008On August 6th, 2008, I will be participating in a Vulnerabiltiy Management webinar hosted by WhiteHatWorld. We will be discussing best practices for scanning and configuration auditing. Panelists also...
WMI Based Compliance Checks
July 31, 2008<p>Tenable's Research group recently added the ability to perform WMI (<a href="http://en.wikipedia.org/wiki/Windows_Management_Instrumentation">Windows Management Instrumentation</a>)  queries to Windows servers and desktops as part of a <a href="http://www.nessus.org">Nessus</a> configuration audit. These new features allow for rapid and in-depth auditing of a wide variety of configuration settings that are only available through WMI. This blog entry describes how the new API works, and includes several examples. </p>
Auditing Anti-virus Software without an Agent
July 28, 2008Most enterprises are required  to run some sort of Anti-virus (AV) software on all or a portion of their desktops and servers and report on the status of the deployment. This blog entry discusses...
"But I patched our DNS servers ..."
July 25, 2008The current DNS cache poisoning issue is a great example of a vulnerability that must be tested with both patch auditing as well as network scanning. Nessus is ideally suited to perform both types of&...
Watching the Watchers -- Detecting WebCams with Nessus
July 21, 2008Nessus plugin #33523 "Network Camera Detection" will alert if it encounters a web page that belongs to a WebCam. Typically, these web pages are not password protected and on ports other tha...
Project Bandolier Update - Alpha Audit Files Available
July 18, 2008Previously, I've blogged about Digital Bond's effort (project Bandolier) to produce Nessus audit polices for a wide variety of control system devices and applications. Digital Bond recently published ...
Charitable and Information Security Training Programs for Nessus
July 18, 2008Tenable recently announced two programs to provide access to the ProfessionalFeed for charitable organizations and classrooms that offer information security training. Full details of the programs are...
Phishing Webinar with White Hat World
July 16, 2008I will be participating today in a White Hat World "Thought Leadership Roundtable Webcast" today at 2:00 PM EST on the topic of Phishing. Other panel members include representatives from Sec...
Scanning for DNS Servers Vulnerable to Cache Poisoning
July 10, 2008Recently, CERT issued vulnerability note VU#800113 which describes a variety of issues with multiple DNS commercial and open source tools. The vulnerability pertains to an attacker being able to per...
Full Su/SuDo support for UNIX Configuration Audits
July 7, 2008<p>Previously, Tenable <a href="http://blog.tenablesecurity.com/2008/05/ssh-auditing--.html">announced</a> that full su/sudo support for UNIX host-based checks was now supported by <a href="http://www.nessus.org">Nessus</a> 3.2 but that UNIX configuration audits did not have access to this feature. With the latest release of the <em>unix_compliance_check.nbin</em> file (version 1.5.8), full support for su and sudo while performing UNIX compliance audits is now supported. This blog entry discusses this and several other new features.</p>
AIX Best Practice and PCI Configuration Audits
July 2, 2008<p>Tenable's Research group has released two new audit polices for <a href="http://www.nessus.org">Nessus</a> and <a href="http://www.nessus.org/products/sc/">Security Center</a> users which audit the AIX operating system.
Keeping Track of Your Ethernet Addresses
June 30, 2008Tracking the hardware network address of Ethernet devices can be a daunting task for an enterprise network operations group. The ability to track Ethernet (or MAC) addresses can have tremendous value ...