Kalendarz SECURITY

Wrzesień 2017
P W Ś C Pt S N
28 29 30 31 1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 1

Partnerzy portalu

slide2 slide3 slide4

Login Form

Redaktor naczelny

piotr blaszczecPiotr Błaszczeć- specjalista ds. bezpieczeństwa IT, audytor systemów IT, Lead auditor ISO 27001, 20000, 22301 jednostki certyfikacyjnej CIs CERT i Quality Austria, biegły sądowy z zakresu przestępst przy użyciu sieci komputerowych, Administrator Bezpieczeństwa informacji w kilku podmiotach sektora prywatnego i publicznego, członek ISACA, ISSA, IIC, IIS, SABI.
e-mail:
www.blaszczec.pl

Nessus is one of the most popular and capable vulnerability scanners, particularly for UNIX systems. It was initially free and open source, but they closed the source code in 2005 and removed the free "Registered Feed" version in 2008. It now costs $1,200 per year, which still beats many of its competitors. A free “Home Feed” is also available, though it is limited and only licensed for home network use.

Nessus is constantly updated, with more than 46,000 plugins. Key features include remote and local (authenticated) security checks, a client/server architecture with a web-based interface, and an embedded scripting language for writing your own plugins or understanding the existing ones. The open-source version of Nessus was forked by a group of users who still develop it under the OpenVAS name. For downloads and more information, visit the Nessus homepage.

OpenVAS is a vulnerability scanner that was forked from the last free version of Nessus after that tool went proprietary in 2005. OpenVAS plugins are still written in the Nessus NASL language. The project seemed dead for a while, but development has restarted. For downloads and more information, visit the OpenVAS homepage.

Core Impact isn't cheap (be prepared to spend at least $30,000), but it is widely considered to be the most powerful exploitation tool available. It sports a large, regularly updated database of professional exploits, and can do neat tricks like exploiting one machine and then establishing an encrypted tunnel through that machine to reach and exploit other boxes. Other good options include Metasploit and Canvas. For downloads and more information, visit the Core Impact homepage.

Rapid7 Nexpose is a vulnerability scanner which aims to support the entire vulnerability management lifecycle, including discovery, detection, verification, risk classification, impact analysis, reporting and mitigation. It integrates with Rapid7's Metasploit for vulnerability exploitation. It is sold as standalone software, an appliance, virtual machine, or as a managed service or private cloud deployment. User interaction is through a web browser. There is a free "community edition" for scanning up to 32 IPs, as well as Express ($3,000 per user per year), Express Pro ($7,000 per user per year) and Enterprise (starts at $25,000 per user per year) editions. For downloads and more information, visit the Nexpose homepage.

GFI LanGuard is a network security and vulnerability scanner designed to help with patch management, network and software audits, and vulnerability assessments. The price is based on the number of IP addresses you wish to scan. A free trial version (up to 5 IP addresses) is available. For downloads and more information, visit the GFI LanGuard homepage.

QualysGuard is a popular SaaS (software as a service) vulnerability management offering. It's web-based UI offers network discovery and mapping, asset prioritization, vulnerability assessment reporting and remediation tracking according to business risk. Internal scans are handled by Qualys appliances which communicate back to the cloud-based system. For downloads and more information, visit the QualysGuard homepage.

Secunia PSI (Personal Software Inspector) is a free security tool designed to detect vulnerable and out-dated programs and plug-ins that expose your PC to attacks. Attacks exploiting vulnerable programs and plug-ins are rarely blocked by traditional anti-virus programs. Secunia PSI checks only the machine it is running on, while its commercial sibling Secunia CSI (Corporate Software Inspector) scans multiple machines on a network. For downloads and more information, visit the Secunia PSI homepage.

Like Nessus, Retina's function is to scan all the hosts on a network and report on any vulnerabilities found. It was written by eEye, who are well known for their security research. For downloads and more information, visit the Retina homepage.

Nipper (short for Network Infrastructure Parser, previously known as CiscoParse) audits the security of network devices such as switches, routers, and firewalls. It works by parsing and analyzing device configuration file which the Nipper user must supply. This was an open source tool until its developer (Titania) released a commercial version and tried to hide their old GPL releases (including the GPLv2 version 0.10 source tarball). For downloads and more information, visit the Nipper homepage.