Tenable Blog

Drum Roll Please...

Being the Product Evangelist for Tenable Network Security gives me some interesting insight into how the community views the features of our products. I meet some people who provide us with awesome suggestions for improvements and I also meet some people who scan their networks at semi-regular intervals using the default set of policies, unaware of the huge variety of features that Nessus includes.

Hence the project I have been working on: with help and support from the community and my fellow co-workers at Tenable, I have developed what we understand to be a list of the top ten things that people may not know about Nessus.

In part one, I want to explore the differences between traditional network-based scanning and scanning with credentials. So, in traditional David Letterman top ten fashion, we’ll start with number 10!

#10. There's More Than One Way To...

Welcome to the Tenable Network Security Podcast - Episode Episode 92

Hosts:

• Paul Asadoorian, Product Evangelist
• Ron Gula, CEO/CTO
• Carlos Perez, Lead Vulnerability Researcher

Announcements

• Check out our video channel on YouTube that contains the latest Nessus and SecurityCenter 4 tutorials. The latest two videos are updates to older videos and cover basic vulnerability scanning and local patch auditing using Nessus.
• We're hiring! - Visit the Tenable web site for more information about open positions.
• You can subscribe to the Tenable Network Security Podcast on iTunes!
• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics and more!

A few interesting notes on this month's Microsoft Patch Tuesday release:

• Windows DNS servers are vulnerable to remote exploitation. However, they must implement a specific configuration.
• We've released a new plugin to detect the Remote Desktop Web Access service on Windows.
• Another five vulnerabilities in Internet Explorer have been fixed. I believe this to be one of the more critical things to patch. While Microsoft claims there are no known exploits, no one can be certain.

To further aid in your efforts to evaluate the exposures presented by the vulnerabilities addressed by Microsoft’s Patch Tuesday, Tenable's Research team has published Nessus plugins for each of the security bulletins issued this month:

• MS11-057 - Nessus Plugin ID 55787 (Credentialed Check)

BackTrack 5, code name "Revolution", is a very popular Linux distribution used primarily for penetration testing. It contains a lot of different tools for scanning, testing, and exploiting everything from web applications to wireless networks. Since the creators of BackTrack 5 included such a vast array of tools, I thought it would be interesting to show how some of those tools can be integrated with your Nessus server to extend functionality and import results.

Importing Nmap Results

There are many occasions where Nmap is used to scan specific hosts or a large network of hosts. The XML results from Nmap can be imported into Nessus and used as the basis for vulnerability scanning. If you are going to use Nmap results this way, you can disable Nessus's built-in port scanners and host identification functionality, relying solely on your Nmap results to perform the scan:

Burying Stumps

Recently I've been planning and executing a plan to fix some of the landscaping around my house (as a side note, try not to plan this to happen in the middle of July when it’s 90 degrees). In talking with people who have experience with landscaping projects we seem to always hit the topic of digging up and burying stumps, and whether this is a good idea or a bad idea. For the short term, it seems like a good idea. The stumps take up space in the ground so you need less fill (which saves money), burying is cheaper than grinding them down or having them hauled away, and you don't have to look at an ugly stump. The downside is that 7-10 years down the road, the stumps begin to rot and you are left with sinkholes in your yard.