For free (and over most commercial scanners too) nothing in my eyes beats
Nessus.
Just add SMB credentials for the scan to have admin rights to the
workstations/servers in question.
Google away for Nessus documentation.
I also prefer the output of the Java client NessJ.
That is my two cents on the subject.
UB
----- Original Message -----
From: <Andy.Kitzke@insinkerator.com>
To: <pen-test@securityfocus.com>
Sent: Wednesday, May 23, 2007 2:48 PM
Subject: Question about vulnerability scanning
I had a question and was looking for some information pertaining to it. I
have no doubt that this has been covered in the past, but I can't find any
emails with it right now.
I'm looking for a good vulnerability scanner that I can run from a single
workstation/server. I would like somewhat detailed reports about what
patches are missing and if Anti-Virus is installed. I know there are many
solutions out that can be purchased but I'm wondering what free solutions
exist and how well they stand up to paid for solutions.
If anyone has any information on or white papers about any solutions let
me know.
Thanks!
Andy
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
