Tenable Blog

A new feature was introduced with the latest update to the Nessus web server (2.0.0) and Flash interface (build 20100913A) to provide "exploitability" information to the user. Each plugin now contains a field that indicates whether or not a publicly-known exploit for the vulnerability exists:

The value will either be "True" if an exploit exists or "False" if an exploit is not publicly known. Nessus checks select sources for the presence of an exploit and updates this field accordingly. I purposely chose a "Medium" level vulnerability for this example, as exploits do not only have to be associated with “High” level alerts. In the above case, the vulnerability is a denial of service condition for NTP (Network Time Protocol), which just happens to have an exploit publicly available.

Welcome to the Tenable Network Security Podcast - Episode 51

Hosts: Paul Asadoorian, Product Evangelist & Kelly Todd, Compliance Analyst

Announcements

• Several new blog posts have been published this past week, including:
  • Apple Security Update 2010-006, File Sharing and Mac OS X defaults
  • Announcing The Nessus iPhone App
  • Microsoft Patch Tuesday Roundup - September 2010 - "Silent but deadly" Edition
  • Nessus ‘Here You Have’ Worm Detection Plugin Released



• Please join Tenable's own Ron Gula, Renaud Deraison, Marcus Ranum and Paul Asadoorian for a Security Showcase on October 6, from 8:30am to 2:00pm at the New York Marriott East Side, 525 Lexington Ave. at 49th Street in New York City. Breakfast and lunch will be provided during this half-day FREE event. Contact Donal McRae (dmcrae -at- tenablesecurity.com) to reserve your seat (space is limited for this event).
• Be certain to check out our video channel on YouTube that contains the latest Nessus and SecurityCenter 4 tutorials.
• We're hiring! - Visit the web site for more information about open positions.
• You can subscribe to the Tenable Network Security Podcast on iTunes!
• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, provide Nessus plugin statistics and more!

Paul talks about the Brucon security conference, including Nessus training, presentations, and more!

Tenable is pleased to announce the official release of the Nessus App for iPhone! The application can be downloaded for free on the App Store and contains the following features:

• Connect to a Nessus server (4.2 or later)
• Launch existing scan templates on a server
• Start, stop or pause running scans
• Create and execute new scans and scan templates
• View and filter reports

You will need iPhone® or iPod touch® iOS 4.0 or later in order to run the app. Following are some screenshots of the application in action:

The first thing you will need to do is add a new Nessus server:

Many corporations spent last weekend playing “Whack-a-Worm”, attempting to eradicate the “Here You Have” worm. The major problem with viruses and worms is that once you think you have removed them from your network, another outbreak pops up. Nessus plugin 49211, “Here You Have Email Worm Detection”, has been added to the plugin feed and is available for both ProfessionalFeed and HomeFeed users. This plugin examines a Microsoft Windows system to detect the presence of the “Here You Have” worm. Note that you will need credentials on the target system for this plugin to work.

Awful, awful, awful.....Magic!

It was my wife’s turn to choose a movie the other night, which means there were no kung fu fight scenes, sword fights or car chases. Instead, there was a scene that depicted a father-to-be talking to a father of three children. The father with three children was explaining to the father-to-be what parenthood was really like and stated: "Parenthood is awful... awful… awful... but then there is this magical moment that makes it all worth it… then awful... awful... awful and repeat". Parents reading this, especially ones with small children, are probably laughing. However, I thought that the "awful, awful, awful, magic!" analogy also very accurately described penetration testing.