Reverse NAT Detection With Nessus
March 19, 2008Nessus plugin #31422 named "Reverse NAT/Intercepting Proxy Detection" enables Nessus users to scan remote IP addresses and determine if they are forwarding multiple ports to different intern...
Nessus 3.2 Now Available!
March 12, 2008Tenable Network Security is proud to announce the availability of Nessus 3.2.0, as well as NessusClient 3.2.0. Nessus 3.2.0 is a major release, containing several changes from Nessus 3.0.x : New Featu...
Testing Windows Vista systems for FDCC compliance with Nessus
February 29, 2008Previously, I posted a blog which showed how Nessus Direct Feed and Security Center users could audit Windows XP Pro systems against FDCC compliance settings. In this blog entry, we will show how this...
ShmooCon - Network Monitoring Notes
February 27, 2008Another ShmooCon has come and gone. Tenable had the opportunity to run our products on the ShmooCon network. We deployed two blades which ran Nessus, the Passive Vulnerability Scanner, the Security Ce...
Tenable CIS and FDCC Updates
February 14, 2008Tenable Network Security was recently awarded certification by the Center For Internet Security to perform audits of the following best-practices benchmarks: Windows Server 2003 Legacy Benchmark fo...
Come See Us At Shmoocon!
February 12, 2008Myself and several Tenable Network Security employees will be attending Shmoocon later this week.  As a conference sponsor, we'll be giving away cool items at our table such as iTunes gift cards ...
Security Metrics - Differentiating New Vulnerabilities from Change
February 8, 2008<p>When you perform vulnerability discovery via network scanning, passive network monitoring or patch auditing, the discovered vulnerabilities can each be classified if they were newly discovered, or if they were previously known about. If you have historical vulnerability data, such as with the <a href="http://www.nessus.org/products/sc/">Security Center</a>, you can also classify vulnerabilities that have been previously known about, but were somehow mitigated or are no longer present. In this blog entry, I will discuss a variety of ways to analyze new vulnerabilties, and to also analyze how vulnerabilities are being mitigated. </p>
Security Metrics - Counting Security and Compliance Incidents
February 7, 2008<p>Many IT security managers I speak with want to produce some sort of graph or statistical data that records the amount of security incidents occurring on the network. This data is used to not only inform management of business risk, but to also justify budget for ongoing security and compliance activities. In this blog, we will consider several high-level sources of "incident data" and discuss their relevance for tracking in the enterprise. </p>
Security Metrics - How Often Should We Scan?
February 5, 2008<p>I get this question from Nessus users and Tenable customers very often. They want to know if they are scanning too often, not often enough and they also want to know what other organizations are doing as well. In this blog entry, we will discuss the many different reasons why people perform scans and what factors can contribute to their scanning schedule.
Nessus UNIX Configuration Auditing "sudo" Support
January 31, 2008Tenable's research group recently added support to all SSH enabled UNIX configuration audits to make use of "sudo". Support is available in version 1.4.4 of the UNIX compliance checks. Some org...
NIST FDCC Implementor's Workshop Notes
January 25, 2008I attended the January 25th, NIST Federal Desktop Core Configuration Implementers Workshop this past week and wanted to share some of my thoughts and take-aways from it. Some Organization...
200th Blog Entry and 30,000th Nessus Plugin ID
January 22, 2008This blog entry marks the 200th post for this blog. I've been very pleased with the content we've created for our Nessus users and customers. The feedback I've received is that the content here is use...