Re: Host Based Vulnerability Scanner

Jeffrey Walton <noloader@xxxxxxxxx> writes:

On Mon, Dec 19, 2011 at 4:40 PM, Thugzclub Thugzclub
<thugzclub@xxxxxxxxxxxxxx> wrote:
Hi guys,

I am looking for a host based vulnerability scanning application.

I Nessus and other tools scan can network facing application and tell
you whether they are vulnerable or not but I am looking for a host
based solution similar to Secunia PSI
On Windows, consider Microsoft Baseline Security Analyzer (MBSA), MBSA will also
work over the network if the correct credentials are supplied, the
host firewall is open, and remote registry access is granted (IIRC).

MBSA is useful and free for Office and OS vulns, but it's probably
worth mentioning that third party web plugins (Java, Flash, Reader,
Quicktime etc, where most of the problems lie lately) are not covered
by MBSA.

Too many client sites I see aren't patching third party
plugins... mostly for want of resources to do it, a lack of awareness
of the seriousness of the problem, and the fact that patching those at
scale ... is FAR from simple. Microsoft WSUS+SCCM + a Shavlik
SCUPdates license is about as cheaply as you can get away with it
unless you have someone handy who has sufficient skill to create,
test, debug, and chase down failures in SMS packages.

If others have low cost solutions that give small businesses a chance
with these, please share!

Best Regards,
Todd Haverkos, LPT MsCompE

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.;4175;25;1371;0;5;946;e13b6be442f727d1