[Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 296
  • Last Modified:

Security audit

I have done an audit to our IT infrastructure (windows 2008, exchenge, sql Server, Citrix, cisco routers/switches, hp printers, hp servers with insight manager, vmware, BB BES)
They have detected diferent vulnerabilities:
- Null sessions active: It allow to get all usernames and passwords
- Updates patch not update
- Vulnerability on vmware vcenter. They can manage the console without username
- SNMP default communities (servers, switches, ...)
- Access to BB BES without username/password
- Mcaffee OPE no nell configured
- It can be possible to identify SQL Server 2005 version

Could you recomend me a free or not free utility or precedure that allow me to check my it infraestructure periodically to discover vulnerabilities just to work on them.

Best regards
1 Solution

Please use Nessus security scanner. This is PCI compliance. And freeware. (Free version is only one time 25 ip's scan, but seperate full scan.)


please register home user and give serial number. (or 1200 $ professional)
btanExec ConsultantCommented:
It will be a life cycle of document review, system verification and validation to have a more complete security assessment. Focus on critical services first. The link has a good summary of the procedure and tools relevant to sieve out as many gaps and esp low hanging fruits. Importantly, hardenkng guide from vendor is essential for health check too, CIS, STIG and NIST has many guidance, if interested.

madunixChief Information Security Officer Commented:
Look at Nessus; NeXpose; Qualys Guard; Retina Network Security Scanner; Saintbox; Shadow Security Scanner; Automated Scanning; FS 1000; Internet Scanner; LANguard


look @

1.      Nikto (Linux) http://www.cirt.net/nikto2
2.      Paros proxy (Linux if you can) http://www.parosproxy.org/index.shtml
3.      Ike-scan (Linux) http://www.nta-monitor.com/tools/ike-scan/
4.      SARA (Security Auditor's Research Assistant) (Linux) http://www-arc.com/sara/
5.      MBSA (discutable) http://technet.microsoft.com/en-us/security/cc184923.aspx
6.      AppScan from IBM http://www-01.ibm.com/software/awdtools/appscan/
7.      http://www.backtrack-linux.org/

Also look at http://projects.webappsec.org/Web-Application-Security-Scanner-List

Commercial Tools:
Acunetix WVS by Acunetix
AppScan by IBM
Burp Suite Professional by PortSwigger
Hailstorm by Cenzic
N-Stalker by N-Stalker
Nessus by Tenable Network Security
NetSparker by Mavituna Security
NeXpose by Rapid7
NTOSpider by NTObjectives
ParosPro by MileSCAN Technologies
Retina Web Security Scanner by eEye Digital Security
WebApp360 by nCircle
WebInspect by HP
WebKing by Parasoft
Websecurify by GNUCITIZEN

Software-as-a-Service Providers:
AppScan OnDemand by IBM
ClickToSecure by Cenzic
QualysGuard Web Application Scanning by Qualys
Sentinel by WhiteHat
Veracode Web Application Security by Veracode
VUPEN Web Application Security Scanner by VUPEN Security
WebInspect by HP
WebScanService by Elanize KG

Free / Open Source Tools:
Arachni by Tasos Laskos
Grabber by Romain Gaucher
Grendel-Scan by David Byrne and Eric Duprey
Paros by Chinotec
Zed Attack Proxy
Powerfuzzer by Marcin Kozlowski
SecurityQA Toolbar by iSEC Partners
Skipfish by Michal Zalewski
W3AF by Andres Riancho
Wapiti by Nicolas Surribas
Watcher by Casaba Security
WATOBO by siberas
Websecurify by GNUCITIZEN
Zero Day Scan
@gorhon: Nessus is not freeware for a business. Only for educational or personal use.

@soporteorbit: Follow the list provided by madunix.

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now