Tenable Blog

We all receive and are annoyed by the amount of "SPAM" email in our in-box. One way to fight SPAM is to monitor large networks for evidence of compromised hosts that are being used to email out unwanted content. This blog entry shows how passive network analysis and log analysis can be used to look for specific types of events that can indicate SPAM originating from inside your network.

Watch for Changes in the number of Email "Clients"

Tenable's research group recently released a WMI based plugin for Nessus 3 that can determine the active wireless SSID for remote Windows devices. This allows an organization to obtain a list of active wireless domains for all Windows devices on their network. This blog entry discusses the security and auditing ramifications of this plugin.

Example Report

Tenable has released our first batch of audit policies which can test Windows 2000, 2003 and XP Pro systems for compliance with NIST best practice configuration standards.

Very often when I speak with Tenable customers about performing IDS or Event analysis, I ask them if they use the Time Distribution tool under the Security Center. This tool is used to identify any combination of low frequency events for any query or time period it works with raw IDS events under the Security Center as well as normalized log or network events under the Log Correlation Engine.

Nessus 3.2 will support scanning of IPv6 addresses. The current BETA (released as Nessus 3.1.3) can be used to perform scans of IPv6 addresses. This blog entry shows how to use the current Nessus 3.2 BETA to perform such a scan from the UNIX command line.

Why Scan for IPv6 Addresses?