Tenable Blog

"One, two, attackers are coming for you…"

In yet another record setting Patch Tuesday, Microsoft has provided fixes for 81vulnerabilities covering just about every supported Microsoft product. No matter how you slice or dice it, patches will need to be distributed throughout your environment on a large scale. There are several articles available to help you prioritize the installation of these patches. The matrix of which patches are important and the mitigating factors are simply dizzying and confusing. The Microsoft Research & Defense blog put up a post that details some of the attack vectors for each vulnerability and information about the mitigations. The blog tries to paint a prettier picture, but in the end, it’s an all-out bloodbath of vulnerabilities, exploits and patches.

Welcome to the Tenable Network Security Podcast - Episode 52

Hosts: Paul Asadoorian, Product Evangelist

Announcements

• Several new blog posts have been published this past week, including:
  • New Tenable eCommerce Site Supporting Nessus ProfessionalFeed Renewals
  • New Nessus Feature: Public Exploit Availability
  • BruCon 2010 Training & Conference Wrap-up



• Be certain to check out our video channel on YouTube that contains the latest Nessus and SecurityCenter 4 tutorials.
• We're hiring! - Visit the web site for more information about open positions.
• You can subscribe to the Tenable Network Security Podcast on iTunes!
• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, provide Nessus plugin statistics and more!

A new feature was introduced with the latest update to the Nessus web server (2.0.0) and Flash interface (build 20100913A) to provide "exploitability" information to the user. Each plugin now contains a field that indicates whether or not a publicly-known exploit for the vulnerability exists:

The value will either be "True" if an exploit exists or "False" if an exploit is not publicly known. Nessus checks select sources for the presence of an exploit and updates this field accordingly. I purposely chose a "Medium" level vulnerability for this example, as exploits do not only have to be associated with “High” level alerts. In the above case, the vulnerability is a denial of service condition for NTP (Network Time Protocol), which just happens to have an exploit publicly available.

Welcome to the Tenable Network Security Podcast - Episode 51

Hosts: Paul Asadoorian, Product Evangelist & Kelly Todd, Compliance Analyst

Announcements

• Several new blog posts have been published this past week, including:
  • Apple Security Update 2010-006, File Sharing and Mac OS X defaults
  • Announcing The Nessus iPhone App
  • Microsoft Patch Tuesday Roundup - September 2010 - "Silent but deadly" Edition
  • Nessus ‘Here You Have’ Worm Detection Plugin Released



• Please join Tenable's own Ron Gula, Renaud Deraison, Marcus Ranum and Paul Asadoorian for a Security Showcase on October 6, from 8:30am to 2:00pm at the New York Marriott East Side, 525 Lexington Ave. at 49th Street in New York City. Breakfast and lunch will be provided during this half-day FREE event. Contact Donal McRae (dmcrae -at- tenablesecurity.com) to reserve your seat (space is limited for this event).
• Be certain to check out our video channel on YouTube that contains the latest Nessus and SecurityCenter 4 tutorials.
• We're hiring! - Visit the web site for more information about open positions.
• You can subscribe to the Tenable Network Security Podcast on iTunes!
• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, provide Nessus plugin statistics and more!

Paul talks about the Brucon security conference, including Nessus training, presentations, and more!