Vistas for Network Security

Auditing Tools: Scan the Scanner

There are a number of vulnerability assessment tools on the market, and the one you choose determines what you end up with. If you like to work in a GUI environment, you may end up with a commercial product.
If you like programming and the command line, you may as well download open source products and tweak them to your objectives.

Full scans can generate a lengthy report of 1000 pages or so. Analyzing that would be difficult. Manage the scans to suit your most immediate need. Also find out if the scanner gives updates to its ‘what to scan?’ database. Look up http://www.sans.org for more details on scans. Some products are given below.
Free
  • MBSA- Microsoft Baseline Security Analyzer
  • Nessus
  • NMap
Commercial
  • Preventsys
  • Foundstone professional
  • eEye Retina
  • SAINT
  • MBSA just checks whether all the software patches and bug fixes have been installed for the operating system and for system and application software such as Windows operating systems, Internet Information Server (IIS), SQL Server, Exchange Server, Internet Explorer, Windows Media Player and Microsoft Office products. It also flags weak and missing passwords and other insecurities. When new packs and patches are available, it notifies the user.
  • Nessus is open source and runs on Linux/Unix. There is also a Windows graphical front end (Win32 GUI client) available. The advantage is that you can create your own plugins for tests. A host of third-party tools is also available, which you may want to purchase for better functionality and reporting. One example is Lightning from Tenable.
  • Nmap is also freeware and has been adopted by many in the security community. It is flexible and has powerful scanning ability. It has both command line and GUI versions, and you can download the source as well as the documentation.
  • Preventsys uses XML at its core and can also include a wireless module that analyzes wireless infrastructure. It has a strong centralized control point for vulnerability analysis and reporting.
  • Foundstone Professional deals with enterprise security systems, and its security risk assessment product is a managed security solution. The product runs its scan from the McAfee scan centre.
  • eEye Retina is a product for security risk assessment, project risk management and registry scans. Its scans can be conducted without administrative rights, and it incorporates up-to-date vulnerabilities.
  • SAINT (Security Administrator’s Integrated Network Tool) complies with government rules such as FISMA, GLBA, COPPA, etc. It has a GUI and is easy and fast.
  • According to reviews, the management and reporting of scan results were better in Foundstone and Retina. The vulnerability detection was better in SAINT and Nessus.
Whatever the scanner, there are a few basics that you need to look into. Scanners are not truly stealthy; some of them are intrusive and can crash the systems they scan. Not all scanners can provide you with a complete vulnerability scan. New vulnerabilities are discovered all the time, and programs or code are developed to slip packets through your firewall. Vulnerability scanning and risk management are a continual process and cannot be ignored in the present-day internet environment.
