Nessus, MBSA, GFI LANguard vulnerability scanners
December 16, 2010 by Network Security
Filed under Vulnerability scanners
Nessus :
Nessus was a popular free and open source vulnerability scanner until its developers closed the source code in 2005 and removed the free “registered feed” version in 2008. A limited “Home Feed” is still available, though it is only licensed for home network use. Some people avoid paying by violating the “Home Feed” license, or by avoiding feeds entirely and using the plugins included with each release. But for most users, the cost has increased from free to $1200/year. Despite this, Nessus is still the best UNIX vulnerability scanner available and among the best to run on Windows. Nessus is constantly updated, with over 20,000 plugins. Key features include remote and local (authenticated) security checks, a client/server architecture with a GTK graphical interface, and an embedded scripting language for writing your own plugins or understanding the existing ones.
MBSA :
Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Built on the Windows Update Agent and Microsoft Update infrastructure, MBSA ensures consistency with other Microsoft management products including Microsoft Update (MU), Windows Server Update Services (WSUS), Systems Management Server (SMS) and Microsoft Operations Manager (MOM). Apparently, MBSA scans over 3 million computers each week on average.
GFI LANguard :
GFI LANguard scans IP networks to detect what machines are running. Then it tries to discern the host OS and what applications are running. It also tries to collect each Windows machine’s service pack level, missing security patches, wireless access points, USB devices, open shares, open ports, services/applications active on the computer, key registry entries, weak passwords, users and groups, and more. Scan results are saved to an HTML report, which can be customized/queried. It also includes a patch manager which detects and installs missing patches. A free trial version is available, though it only works for up to 30 days.



