topic Patch / Vulnerability Scanner in Tech Talk

Patch / Vulnerability Scanner

patd — Mon, 08 Jan 2018 16:27:53 GMT

Hi, Does anyone have a recommendation for a patch / vulnerability scanner for off-line systems? I'm interested in running a list of patches needed for installed software. I specifically want something to augment WSUS that covers non-Microsoft products. I think MITRE used to publish a file that could be used with SCAP Scanner, but they no longer publish it. Any suggestions and recommendations would be appreciated.

- Pat

Re: Patch / Vulnerability Scanner

John — Mon, 08 Jan 2018 16:40:13 GMT

We're using Nessus Professional for our on-line/off-line systems. The learning curve is a little steep, but it works great.

If you don't have any budget for it, you could build a Kali Linux box and run scans as cron jobs that way, too.

Re: Patch / Vulnerability Scanner

jltrinka — Mon, 08 Jan 2018 16:51:11 GMT

Microsoft Baseline Security Analyzer (MBSA) may be what you are looking for if you are a Windows shop: https://www.microsoft.com/en-us/download/details.aspx?id=7558

Re: Patch / Vulnerability Scanner

StevenJ6052 — Mon, 08 Jan 2018 18:09:00 GMT

My team uses Nessus professional, after syncing the scanner from an online connection we move it to the stand alone systems and scan (our systems are stand alone networks, ie: not connected to. other networks, if yours is a standalone computer, I would recommend creating a dedicated network between the Nessus scanner you your target machine.

Re: Patch / Vulnerability Scanner

patd — Mon, 08 Jan 2018 18:30:21 GMT

I should add that I am trying to avoid buying a Nessus license which is very costly. I would prefer a low / no cost solution if there are alternatives out there since I have more than one system to scan. Also, MBSA only does Windows patches, and we have WSUS that gives us this info. I was hoping for a product that would check other vendor apps (Adobe reader, etc.) that require patches.

Kali Linux and Metasploit tools may be viable options, but I have not tried these yet. I was just hoping for several options to consider, and get a sense of what others have experienced with specific tools. I have read that several tools require a fair amount of fine tuning to reduce false positives, so first-hand experience feedback is appreciated.

Thanks to all who have replied so far.

- Pat

Re: Patch / Vulnerability Scanner

Adamantium — Mon, 08 Jan 2018 19:11:02 GMT

Have you looked at Qualys?

"Qualys FreeScan provides up to 10 free scans of URLs or IPs of Internet facing or local servers or machines. You initially access it via their web portal and then download their virtual machine software if running scans on your internal network."

Re: Patch / Vulnerability Scanner

patd — Mon, 08 Jan 2018 19:15:54 GMT

@Adamantium wrote:
Have you looked at Qualys?

"Qualys FreeScan provides up to 10 free scans of URLs or IPs of Internet facing or local servers or machines. You initially access it via their web portal and then download their virtual machine software if running scans on your internal network."

No, I haven't checked them. I'll give them a look.

Thanks for the suggestion.

- Pat

Re: Patch / Vulnerability Scanner

jltrinka — Mon, 08 Jan 2018 19:25:50 GMT

OpenVAS may be a good alternative for you. It's an open sourced fork of Nessus (from back in the day) and generates similar results.

Re: Patch / Vulnerability Scanner

HTCPCP-TEA — Mon, 08 Jan 2018 20:12:16 GMT

I'd agree OpenVAS is a good, no-cost solution for vulnerabilty scanning and Identification though it lacks some reporting features.

Nessus, as stated, is a good system and is very good at reporting on asset vulnerabilites.

Personally, I enjoy using Nexpose (InsightVM). Does a lot of the same things and reporting/management is good.

Both Nessus and Nexpose cost money, OpenVas is the no cost option. There are a load of other systems that so similar things so check what's on offer with each, weigh up cost/value add and happy hunting!

All of these systems tend to be OS agnostic too.

Re: Patch / Vulnerability Scanner

infosec_james — Mon, 08 Jan 2018 20:28:07 GMT

OpenVAS for the low cost option but Nessus is pretty much the gold standard. If you need to show proof of patching Nessus and its reporting capabilities makes the cost worth it.

Re: Patch / Vulnerability Scanner

praving5 — Tue, 09 Jan 2018 01:58:52 GMT

Microsoft no more provides SCAP content for scanning its products or other products on its platform. You would mostly need to work with a vendor. If it were non-MS system, you could use OpenSCAP for scanning and SCAP content from the respective vendors such as Red Hat and Ubuntu.

Re: Patch / Vulnerability Scanner

patd — Tue, 09 Jan 2018 20:23:44 GMT

Thanks to all who replied, there are several good ideas here.

I appreciate the feedback.

- Pat

Re: Patch / Vulnerability Scanner

tim2 — Fri, 09 Nov 2018 22:48:43 GMT

Im late here but you can try GFI Languard if its Windows/CentOS/Linux systems