Domain: tenablesecurity.com
Stories and comments across the archive that link to tenablesecurity.com.
Comments · 5
-
Re:market share v. reality
If you join an externally facing webserver to a domain you're just asking to get owned... If someone manages to compromise that box, then it becomes very easy for them to use that to take over the whole domain and then you are in serious trouble.
Also WSUS is known to be flawed, take a network with several hundred boxes, ensure every machine is fully patched according to WSUS, now do a patch audit with something like nessus. http://blog.tenablesecurity.com/2009/07/when-patch-auditing-tools-collide.html#more
On the other hand, the update facilities on almost any linux distro are far more comprehensive and reliable than what windows provides, plus its easier to remove stuff you dont need (and therefore no longer need to update it).
-
Sussen?
I was about to go kick off Sussen but it seems MMG Security have beaten me to it:
Created On:24-Dec-2004 01:24:29 UTC
Last Updated On:26-Sep-2005 11:55:35 UTC
Expiration Date:24-Dec-2006 01:24:29 UTC
They've just released on 26 September 2005; hopefully it's a fork of Nessus rather than an unimaginative name for a new project, but I suspect the latter.
Who the fsck are Tenable anyway? I haven't heard of them before today and with any luck I won't hear of them again. If they didn't like the license they should not have released their Intellectual Property under it, and then someone else would have and they wouldn't have enjoyed the free publicity. Have they not seen how well MySQL is doing off the back of an Open Source product? Sounds to me like the problem isn't with the license...
This raises an interesting question about vulnerability scanning though... who could really care less about the scanning engine or how long it takes - the patterns are where it's at; so long as we keep the patterns up to date security doesn't suffer at the hands of this greedy company.
Incidentally, I like the way they're still advertising Nessus as 'THE Open Source Vulnerability Scanner' on their site. -
GPL Screws Tenable and Tenable Screws GPLA month ago I submitted a story (rejected, alas) about Tenable intentionally breaking the GPL version of Nessus:
When the 2.2.5 version of Nessus was released, Brian Weaver (formerly of OpenNMS fame) was puzzled why the GPL version wouldn't scan. After hacking through the source code, Weave found the answer: strong evidence suggesting Tenable Security, the sponsors of the GPL version of Nessus as well as a commercial version, deliberately crippled the GPL version of Nessus. With stunts like this, would you trust Tenable to protect your network?
-
Re:It is already in the works - I've seen itSee RNA description for more details. A similar passive sniffer product is Tenable Security's NeVO.
These kinds of products seem a good way of finding out what software is really on your network. They can look at banners as well as p0f-style operating system versions. And hence deduce whether you have applied all the patches.
Smaller organisations with good control on software versions might find them overkill and just use arpwatch or DHCP logs instead.
I don't think they will eliminate the need for active vulnerability scanning to check for software configuration errors which don't depend on version. I'd be interested to hear other people's experiences. Or if anyone is working on tools and common database schemas for describing network topologies and inventories.
-
Re:fun fun
What about the windows port of Nessus, NeWT? NeWT Pro is a little on the pricy side ($6000), but is only needed by those that will need to scan multiple subnets.