Solved

Vulnerability Management Software

Posted on 2004-10-13
Last Modified: 2013-12-03
Hi Guys

Does anyone know of a product (Commercial or Freeware) that will allow you to input the details of your infrastructure (such as what software is in use etc) and then monitor for vulnerabilities and patches that match that list and alert you?

Many thanks

Ste
Question by:stewatts
12 Comments
 
LVL 7

Expert Comment

by:shahrial
ID: 12296638
Dear Ste,
You may wish to use GFI LANguard Network Security Scanner (N.S.S.)
http://www.gfi.com/lannetscan/
- Automatically detect security vulnerabilities on your network
- Provides in-depth information about all machines/devices
- Patch management. ...;-)

0
 

Author Comment

by:stewatts
ID: 12296654
Hi

I am using this at the moment but I am looking for something that will alert me without me having to constantly scan. For example, I have some machines that GFI can access for various reasons, I still need to be alerted to any vulnerable software/hardware that they are running.

I need something that looks at all vendors, pulls down info on vulns, filters it to what we use and then reports and alerts. Not asking a lot am I ;-)
0
 
LVL 1

Expert Comment

by:Edit-HTS
ID: 12296848
Maybe you should check out Retina Security Scanner.

It'll update automatically on startup and you can schedule updates, you can schedule scans and make it generate reports on each scan.

If the scans are taking too long you can manually configure (it's simple) which types of vulns it'll scan, e.g., web server, iis, etc.

You can download the demo version from http://www.eeye.com

There are also a couple of other scanners that may help you out - they don't provide the functionality of Retina though, they are:

Core Impact
Nessus
NMap

-Edit
0
 

Author Comment

by:stewatts
ID: 12296884
As I mentioned previously, I can't do scheduled scans as some of the machines aren't reachable.

For example I have web servers running IIS4 and IIS6. They can't be seen on the network but I need something that will alert me when a vulnerability comes out for IIS6 and IIS4.

The solutions here rely on the machines being scanned which isn't possible. Ideally I need a solution that pulls vulns from a central site or multiple vendors?
0
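
The inventory-driven matching the asker describes (advisories filtered against a hand-maintained software list, with no scan of the hosts), as an added example that is not part of the original thread. Host names, advisory IDs and the record layout are constructed; fetching and parsing a real vendor feed is assumed to happen elsewhere.

```python
import re

# Constructed inventory, maintained by hand: no scan of the hosts is needed.
INVENTORY = [
    {"host": "web-dmz-01", "product": "microsoft iis", "version": "4.0"},
    {"host": "web-dmz-02", "product": "microsoft iis", "version": "6.0"},
    {"host": "fw-edge", "product": "examplefw os", "version": "2.1.3"},
]

# Constructed advisories, in the shape a feed parser might hand over.
# "min"/"max" are inclusive bounds; None means unbounded on that side.
ADVISORIES = [
    {"id": "EXAMPLE-0001", "product": "Microsoft IIS", "min": "5.0", "max": "6.0",
     "summary": "constructed advisory A"},
    {"id": "EXAMPLE-0002", "product": "Microsoft  IIS", "min": None, "max": "4",
     "summary": "constructed advisory B"},
    {"id": "EXAMPLE-0003", "product": "Other Server", "min": None, "max": None,
     "summary": "constructed advisory C"},
]

def norm(name):
    return " ".join(name.lower().split())  # ignore case and spacing

def vkey(version):
    """'6.0' -> (6,): numeric parts only, trailing zeros dropped so 6 == 6.0."""
    parts = [int(n) for n in re.findall(r"\d+", version)]
    while parts and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

def affected(item, adv):
    if norm(item["product"]) != norm(adv["product"]):
        return False
    v, lo, hi = vkey(item["version"]), adv["min"], adv["max"]
    return (lo is None or v >= vkey(lo)) and (hi is None or v <= vkey(hi))

def new_alerts(inventory, advisories, seen):
    """Return alerts not raised before; 'seen' persists between feed polls."""
    alerts = []
    for adv in advisories:
        for item in inventory:
            key = (adv["id"], item["host"])
            if key not in seen and affected(item, adv):
                seen.add(key)
                alerts.append(f'{item["host"]}: {item["product"]} {item["version"]} '
                              f'matches {adv["id"]} ({adv["summary"]})')
    return alerts

if __name__ == "__main__":
    print("\n".join(new_alerts(INVENTORY, ADVISORIES, set())))
```

Persisting `seen` between polls is what keeps each advisory from alerting more than once per host.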
 
LVL 1

Expert Comment

by:Edit-HTS
ID: 12297050
Okay, my bad, I have a bad habit of not reading :)

The solution to your problem potentially lies within http://www.securityfocus.com's website.

I remember I downloaded a tool that was supposed to periodically check with Security Focus's website for updated vulns, I'll have a hunt around and post back if I find anything - sorry I couldn't help straight up.

-Edit
0
 

Author Comment

by:stewatts
ID: 12297309
No problem, I appreciate all of your help so far.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 100 total points
ID: 12297563
You might want to look into something like the Lockdown appliance:
http://www.lockdownnetworks.com/

0
 
LVL 1

Expert Comment

by:sstoyanovich
ID: 12302384
Remember hfnetchk?  It's now been swallowed into MS Baseline Security Analyzer.  But, it's still out there to be found, and I believe it still works.  When run, it outputs the results in text format.  With a little scripting, you can have this run daily on your machines, and have your script parse the output, and send you an email if it finds unpatched products.
0
 

Author Comment

by:stewatts
ID: 12305892
Thanks sstoyanovich

As mentioned above though this won't work as I can't scan the machines!

I think LRMOORE's answer is the closest to what I was after, I also found this web site: http://icat.nist.gov/icat.cfm?function=notification which does what I need to a degree.
0
 
LVL 1

Expert Comment

by:sstoyanovich
ID: 12306504
No, no.  You don't use hfnetchk to scan the machines from your machine.  You set up hfnetchk ON the machines, on their c: drives.  Deploy it as you would any other app that you need on all machines.  In fact, set up a scheduled task on all machines to run your script daily/nightly/whatever.

Once it's ON the machines themselves, it will run.  And if they're off the network or turned off no big deal; they miss a run.  But as soon as they're back on, the next time they run it, it will be able to run and alert you.

You are not doing any scanning from a central location, and it allows you to "catch" all machines.

S
0

Question has a verified solution.