Showing posts sorted by date for query Nessus. Sort by relevance Show all posts
Showing posts sorted by date for query Nessus. Sort by relevance Show all posts

Nessus 5.0.2 Vulnerability Scanner Released & Available For Download

Posted by Avik Sarkar On 10/11/2012 03:51:00 am

Nessus 5.0.2 Vulnerability Scanner Released & Available For Download 

Earlier we have discussed several times about Nessus, a proprietary comprehensive vulnerability scanning tool. After almost six months, yet again Tenable Network Security officially announced the availability of Nessus 5.0.2. According to surveys done by sectools.org, Nessus is the world's most popular vulnerability scanner, taking first place in the 2000, 2003, and 2006 security tools survey. Tenable estimates that it is used by over 75,000 organizations worldwide. This update is largely a bugfix release, however a new build for Solaris 10 is now available. The major issues addressed in 5.0.2 include enhanced support for UTF8 encoding problems in reports and the detection of network congestion errors during scans more conservatively. 

Official Change Log for Nessus 5.0.2:- 
  • UTF8 encoding problems would sometimes cause the generation of reports to fail 
  • Fixed a case where generating some compliance checks reports would cause the scanner to hang, using 100% of the CPU 
  • Resolved a resource leak issue occurring when a large number of different users are connected at the same time 
  • Network congestion errors are now detected more conservatively 
  • Upgraded libxml2, libxslt, openssl to their newest versions 
  • Some nessusd.rules directives were not honored by the port scanners 
  • Solaris 10 build
Other fixes:-
  • Smarter max_hosts and global.max_hosts defaults
  • Added support for named virtual hosts for IPv6
  • Fixed a memory leak when mixing IPv4 and IPv6 targets
  • Fixed the systemd control script (Fedora 16)
  • Fixed a crash in nessus-mkcert on the command-line (Win32)
  • Fixed a crash in localtime(), when passed an invalid argument (Win32)
  • Fixed scratchpad_query() to allow NULL arguments
  • PSSDK fix (Win32)

To Download Nessus 5.0.2 Click Here



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Nmap 5.61TEST5 Released With 43 New Scripts, Improved OS & Version Detection & More

Posted by Avik Sarkar On 3/10/2012 10:13:00 pm

Nmap 5.61TEST5 Released With 43 New Scripts, Improved OS & Version Detection & More

Earlier we have discussed several times about Nmap. After 2 months of hard work with Nmap 5.61TEST4 finally the developer has announced the availability of Nmap 5.61TEST5. This release has 43 new scripts, including new brute forcers for http proxies, SOCKS proxies, Asterisk IAX2, Membase, MongoDB, Nessus XMLRPC, Redis, the WinPcap remote capture daemon, the VMWare auth daemon, and old-school rsync.  Better check that your passwords are strong!  Some other fun scripts are nat-pmp-mapport, asn-to-prefix, url-snarf, and http-auth-finder.  See the changelog entries below for a full list with descriptions.
This release also incorporated thousands of your OS detection and service detection submissions, dramatically improving the databases.  The IPv6 OS detection system became smarter as well.  And aslo as incorporated a new "nsock engines" system which improves performance by using advanced I/O APIs (such as epoll on Linux) rather than always using select.

To Download Nmap Click Here

 

 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Nessus 5.0 Vulnerability Scanner Released

Posted by Avik Sarkar On 2/18/2012 12:23:00 am

Nessus 5.0 Vulnerability Scanner Released 

Tenable Network Security officially announced the availability of Nessus 5.0 vulnerability scanner. This release introduces key features and improvements, separated into the four major phases of the vulnerability scanning process:
  1. Installation and management (for enhanced usability)
  2. Scan policy creation and design (for improved effectiveness)
  3. Scan execution (for improved efficiency)
  4. Report customization and creation (for improved communication with all parts of the organization).
Installation & Management:-
Nessus 5.0 simplifies the installation and configuration for non-technical users:
  • Installation: Nessus v5.0 has a browser-based installation wizard — no special knowledge required. Users on a wide variety of platforms — Windows, Mac, Linux, or UNIX — can have Nessus v5.0 installed within minutes.
  • Configuration and management: Nessus v5.0 configuration and management is now done 100% through the GUI.
  • With all configuration and management now done through the web interface, the Nessus user experience is the same for all users, regardless of OS.
  • With the touch of a button on the GUI, Nessus users can now quickly initiate plugin updates and see last update information.

Scan Policy Creation & Design:-
Users now enjoy improved effectiveness when creating scan policies:
  • Over two dozen new pre-built plugin filters make it easy for security and compliance professionals to simplify policy creation for laser-focused scans on the areas that matter most. Users can quickly select multiple filter criteria, such as, Vulnerability Publication Date, public vulnerability database ID (OSVDB, Bugtraq, CERT Advisory, and Secunia), Plugin type (local or remote), information assurance vulnerability alert (IAVA), and more, to quickly identify easily-exploitable vulnerabilities. For example:
  • Scan for all easily remotely-exploitable vulnerabilities for which there is an exploit published in your favorite exploit framework.
  • Scan for local third-party client software that is unpatched.
  • Scan for systems that have been missing patches for more than a year.
  • Policies can be configured to produce reports that are locked to prevent editing.
Scan Execution: Improved efficiency:-
Nessus 5.0 users can take advantage of real-time scan results, on-the-fly filtering and sorting, and streamlined results navigation:
  • New criticality level: Nessus v5.0 now has five severity levels — Informational, Low Risk, Medium Risk, High Risk, and Critical Risk. The Informational level quickly identifies non-vulnerability information and separates it from the vulnerability detail.
  • Example: A user may want to run a query against all hosts running web servers not on the normal http or https ports, port 80 or port 443. The Informational level allows a user to quickly identify information that may be useful, but does not require immediate attention — keeping the focus on the actionable results.
  • New vulnerability summary: A new vulnerability summary and redesigned host summary make it easy to see risk level without even running a report.
  • Streamlined results navigation: One click to jump from a critical vulnerability to see the host(s) that is vulnerable to the details of the vulnerability.
  • Take advantage of real-time results: As the scan is being run, not only can you see the results as they are being gathered, but navigate and filter on them as well. This allows you to easily act upon the vulnerability data while the scan is happening.

Report Customization:-
New reporting features allow for improved communication of vulnerability results with all parts of the organization:
  • Results filtering and report creation: Results filtering and report creation is more flexible than ever before. Users can apply multiple result filtering criteria, and targeted reports can be generated against the filtered results.
  • Create reports that contain only exploitable vulnerabilities, multiple risk levels (e.g., only show critical and high risk findings), filter on CVE or Bugtraq ID, plugin name, and more!
  • Reports customized by audience: Reports can be customized for executives, systems administrators, or auditors. A user can exclude particular vulnerabilities from a report before it is generated, allowing delivery of results targeted to specific audiences.
  • Example: During an internal scan, Nessus will report that a DNS server allows recursive queries, which is its function on the internal network. As this is a known condition, a user can suppress this result in the generated report to keep focus on true vulnerabilities.
  • With four new pre-configured report formats — Compliance Check, Compliance Check (Executive), Vulnerabilities by Host, and Vulnerabilities by Plugin — users can quickly create reports by chapters.
  • Example: The company’s compliance policy dictates that passwords be greater than ten characters in length. Nessus v5.0 runs a scan against the baseline, and the Compliance Check (Executive) report shows a pass/fail result to indicate if all hosts on the network are compliant with the minimum password length. With pass/fail results, the Compliance Check (Executive) report provides a quick snapshot of the company’s compliance checklist status.
  • Report formats: Reports can be generated in native Nessus formats, HTML, and now PDF formats (requires Oracle Java be installed on the Nessus server).
  • The new PDF report format makes it easier to share reports.
  • Combined reports: Multiple report templates can be combined into one report.
  • A single report can now contain vulnerabilities sorted by host and by IP address/hostname.

To Download Nessus click Here



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

X-Scan A Free Network Vulnerability Scanner

Posted by Avik Sarkar On 11/24/2011 05:49:00 pm



X-Scan is a general scanner for scanning network vulnerabilities for specific IP address range or stand-alone computer by multi-threading method, plug-ins are supported. This is an old tool (last update in 2005), but some people still find it useful and there are certain situations where it can be useful (especially in those jurassic companies using old kit). It supports Nessus NASL plugins for vulnerability scanning – which makes it pretty useful. It also has both a GUI and command line version for scripting.

Features :-
  •     Remote OS type and version detection,
  •     Standard port status and banner information,
  •     SNMP information,
  •     CGI vulnerability detection,
  •     IIS vulnerability detection,
  •     RPC vulnerability detection,
  •     SSL vulnerability detection,
  •     SQL-server,
  •     FTP-server,
  •     SMTP-server,
  •     POP3-server,
  •     NT-server weak user/password pairs authentication module,
  •     NT server NETBIOS information,
  •     Remote Register information, etc.


The results of the scan are saved in /log directory, and are title index_ip_address.htm (if you used the GUI) or ip_address if you used the command line option. These can be directly browsed by any normal WebBrowser. Basic user and password lists are supplied to carry out a basic attack on certain services, (above), if found enabled on the host. 

To Download X-Scan Click Here




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Tenable Network Security Released Nessus Android Application

Posted by Avik Sarkar On 6/07/2011 11:11:00 pm

“Network security isn’t a 9-5 job,” said Ron Gula, CEO of Tenable Network Security. “The ability to conduct vulnerability scans and review results anytime from anywhere is exactly what enterprise IT and security professionals expect from their software and service providers, and it’s what they need to keep their networks safe, 24/7.” Tenable is the first company to release an Android-based mobile application for vulnerability scanning. The Nessus Android application is available at no cost at the Android Marketplace and is located under the productivity category. It allows users to take advantage of the advanced capabilities of the Android user interface.Features of the Nessus Android application include remote starting, stopping and pausing of network scans as well as the ability to analyze scan results. Mobile access speeds the Incident Response process – allowing a security professional who is responding to an incident to quickly log into a Nessus scanner during a meeting to find a host with a given vulnerability.Tenable Network Security, Inc.the leader in Unified Security Monitoring (USM) and creator of the widely-used, award-winning  enterpriseSecurityCenter and Nessus® vulnerability scanner, today announced that it has released an Android application for its Nessus Vulnerability Scanner, enabling Nessus users to remotely connect to a Nessus server, launch scans and review reports from their Android devices.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Cloud Computing: Managing Risk and Compliance in the Cloud

Posted by Avik Sarkar On 4/26/2011 01:04:00 am


Cloud computing represents today's big innovation trend in the information technology (IT) space. Because it allows enterprises to deploy quickly, move swiftly, and share resources, cloud computing is rapidly replacing conventional in-house facilities at enterprises of all sizes.
Unfortunately, in their eagerness to adopt cloud platforms and applications, enterprises are neglecting to recognize and address the compliance and security risks that come with implementation. Often the ease of getting a business into the cloud - a credit card and a few keystrokes is all that is required - provides a false sense of security.
However, shortcomings in the cloud providers' security strategy can trickle down to the businesses that leverage their services. In this context, damages can range from pure power outages impacting business performance, data loss, unauthorized disclosure, data destruction, copyright infringement, to brand reputational loss.
Risk in the Cloud
For enterprises planning to transition their IT environment to the cloud, it is imperative to be cognizant of issues such as loss of control and lack of transparency, which are often overlooked. Cloud providers may have service level agreements in place, but security provisions, the physical location of data, and other vital details may not be well defined. This leaves enterprises in a bind, as they must also meet contractual agreements and regulatory requirements for securing data and comply with countless breach notification and data protection laws.

Whether organizations plan to use public clouds, which promise an even higher return on investment, or private clouds, better security and compliance is needed. To address this challenge, organizations should institute policies and controls that match their pre-cloud requirements. At the end, why would you apply less stringent requirements to a third-party IT environment than your own - especially if it potentially impacts your business performance and valuation?
Recent cyber-attacks and associated data breaches of Google and Epsilon (a marketing services firm) are prime examples of why companies need to think about an advanced risk and compliance plan that includes their third-party managed cloud environment.
To protect your business, you should insist that your cloud service provider provides visibility into security processes and controls to ensure confidentiality, integrity, and availability of data.
Best Practices for Cloud Risk Management
According to Jim Reavis, co-founder and executive director of the Cloud Security Alliance (CSA), main inhibitors to the adoption of cloud computing in large organizations are consistent and standardized frameworks, open standards, interfaces that address security controls, and easy-to-implement processes to provide assurances on levels of Governance, Risk, and Compliance and security in cloud environments.
According to a report by Forrester Research (Compliance with Clouds: Caveat Emptor, August 2010) organizations should not wait for the cloud industry to step up its support for regulatory compliance, but instead security professionals should look beyond their cloud providers for compensating controls to aid cloud sourcing.
This view is obviously shared by IT and security leaders, who responded to the 2011 Global State of Information Security Survey of PricewaterhouseCoopers, CIO Magazine, and CSO Magazine, as they identified compliance (34%) and regulatory compliance (33%) among the top five business issues that will drive information security spending in their organization in 2011.
As cloud computing is still an emerging technology space, advice on how to address cloud risk management is limited. What best practices should organizations follow? Probably the best bet are the guidelines developed by the Cloud Security Alliance, a non-profit organization formed to promote the use of best practices for providing security assurance within cloud computing.
The CSA defines three distinct stages of a cloud adoption life cycle, starting with cloud risk readiness assessment, cloud risk operations monitoring, and finally leading to cloud audits (an area that still requires further standardization).
Cloud Risk Readiness
When you transition your IT infrastructure to a cloud environment you have to find ways to determine how to trust your cloud provider with your sensitive data. Practically speaking, you need the ability to assess security standards, trust security implementations, and prove infrastructure compliance to auditors.
To quickly evaluate your tolerance for moving asset to various cloud computing models (e.g., public cloud, private cloud, community cloud, or hybrid cloud) you should apply the followings steps:
  1. Identify the assets for the cloud deployment (e.g., data, applications, functions, processes)
  2. Evaluate the assets as it relates to criticality to the business and answer questions such as:
    • What impact would the business face if the asset became public information?
    • What impact would the business face if the asset would be accessed by the cloud service provider?
    • What impact would the business face if the application would be attacked or corrupted by an outsider?
    • What impact would the business face if the stored data were unexpectedly modified?
    • What impact would the business face if the asset were unavailable for a period of time?
  3. Map the asset to the potential cloud deployment model
  4. Evaluate potential cloud service models and providers and answer questions such as:
    • Does the cloud service provider meet current standards for security (e.g., assessment of threat and vulnerability management capabilities, continuous monitoring, business continuity plan)
    • Is the cloud service provider compliant with applicable regulations and can it pass a regulatory audit?
    • Can the cloud service provider generate dynamic and detailed compliance reports that can be used by the provider, auditors, as well as your internal resources?
Considering that many organizations deal with a heterogeneous cloud eco-system, comprised of infrastructure service providers, cloud software providers (e.g., cloud management, data, compute, file storage, and virtualization), platform services (e.g., business intelligence, integration, development and testing, as well as database), it is often challenging to gather the above mentioned information in a manual fashion. Thus, automation of the vendor risk assessment might be a viable option, especially if the same software tool can be leveraged for the other stages of the cloud adoption life cycle.
In addition, it's important to select a software tool that provides compliance controls assessment frameworks and content from regulations such as PCI DSS 2.0, FISMA 2010, SOX, NIST, ISO, CSA, SANS and BITS, threat controls content from CSA, as well as cloud risk dashboards and reports.
Cloud Risk Operations
A portion of the cost savings obtained by moving to the cloud should be invested into increasing the scrutiny of the security qualifications of an organization's cloud service provider, particularly as it relates to security controls, and ongoing detailed assessments and audits to ensure continuous compliance.
In this context, organizations should consider leveraging monitoring services or security risk management software that achieves:
  • Continuous compliance monitoring
  • Segregation and virtualization provisioning management
  • Automation of CIS benchmarks and secure configuration management integrations with security tools such as VMware vShield, McAfee ePO, and NetIQ SCM
  • Threat management with automated data feeds from zero-day vendors such as VeriSign and the National Vulnerability Database (NVD), as well as virtualized vulnerability integrations with companies such as eEye Retina and Tenable Nessus
Automated technology, which allows a risk-based approach and continuous monitoring for compliance, would be suitable for enterprises seeking to protect and manage their data in the cloud.
Cloud Risk Audit
This stage of the cloud adoption life cycle has not been very well defined yet and therefore requires further standardization driven by an increase in cloud deployments.
Nonetheless, when evaluating cloud service providers, organizations should ensure that they perform automated regulatory health checks and provide transparency in their infrastructure (IaaS), platform (PaaS), and software (SaaS) environments.
Practical Tips in Selecting the Right Cloud Risk Management Tool
When assessing Cloud Risk Management services or software, organizations should apply the following selection criteria:
  • Choose a vendor that offers an all-encompassing solution, meaning providing methodologies, frameworks, tools, and best practices to properly assess and manage your organization's cloud initiatives across all three stages of your cloud adoption life cycle. The solution should cover Governance, Risk, and Compliance (GRC), as well as Security in the form of threat and vulnerability management capabilities.
  • Choose an automated technology with an open architecture, since many organizations have invested heavily in security tools. This will allow data to be fed from the existing tools into the Cloud Risk Management tool and provide an aggregated view into both IT and business compliance and risk.
  • Make sure you work with a vendor that offers a solution that is content rich and includes many of the regulations (PCI, FISMA, SOX, etc.), frameworks, and standards that are applicable to your organization.
  • Seek out a vendor or service provider that can add value by offering innovative technology that goes beyond the traditional view of GRC. Namely, ensure that beyond governance and compliance, the areas of security (e.g., threat and vulnerability) and risk (e.g., enterprise risk management) are well covered, as it ensures higher return on investment.
  • Since you measure the success of a technology implementation by the time it takes to achieve value from its investment, it's crucial to engage with a vendor that offers the most efficient time-to-value. From a deployment perspective, this means that an on-site implementation should not exceed 90 days and as a managed service client, you should be up and running within 30 days.
Summary
There is no doubt that cloud computing will continue growing and, as it does, continue to get safer. But data breaches at some of the largest enterprises highlight the fact that there are still many risks associated with cloud adoption. Constantly changing government regulations are making it more difficult to keep compliant during the audit process as well. While it's exciting to be at the frontline when it comes to embracing a new technology that is poised to change the way we conduct business, we must remember that these technologies almost always come with new risks that have not yet been fully addressed.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search