Link to home
Start Free TrialLog in
Avatar of Dan
DanFlag for United States of America

asked on

looking for a program to scan my network for vulnerabilities

Hi all, I'm looking for a program to scan my local network and report on computers that have weak passwords, or no patches or updates.

I have previously used GFI, but the latest version seems a bit overkill.

Any recommendations would be appreciated.  Thanks all.
Avatar of Phil Davidson
Phil Davidson
Flag of United States of America image

I'm not sure if these are Windows computers, Macs, or Linux machines.  I'm not sure what about GFI's password scanning you don't like.  But I haven't tried it either.  You may want to consider Nessus, Acunetix WVS Authentication Tester tool, LC5, PWDUMP3, or CAIN.
Avatar of Dan

ASKER

Hi, Thanks Phil, it looks like those just do passwords, is there one that does patches and other stuff?
For OS patches you could use these technologies:  Dell's Kace, Puppet, Ansible, Chef, SaltStack, WSUS, or others.  It is somewhat hard to recommend because I don't know what percentage of Linux/Unix vs. Windows vs. other Mac OS machines you have.  If deploying code is also desirable, Dell's Kace is and WSUS aren't options.  I think Dell's Kace is under-rated.  It can work with non-HP hardware and virtualized servers.  

Here is a link that compares numerous solutions.   Lumension is another option.  But these options don't look at passwords.

For port vulnerability scanning, I like nmap.  If you have a Linux/Unix machine, I would install nmap.  On a Windows machine, you could install Cygwin and then install nmap.

For one comprehensive tool to do all of these things you ask, I am not sure what to recommend.  Is that what you are looking for?  Can you describe what would be an ideal solution to deploy?  I know you don't care for GFI for what you need.

The tasks seem diverse.  There are single-point-of-view solutions these days.  Based on the number of machines you want to manage and how flexible you are with not using a single solution, you may be able to save a good deal of money and leverage different tools in a customized way.

Dell has a service call SecureWorks.  They can do patch management and penetration testing.  You may want to have a consulting company do penetration testing on a regular basis.  For staying on top of the latest vulnerabilities, us-cert.gov is a good website.   But translating the alerts into actual comparisons of what you have is a tedious job.  You may need to hire a dedicated security expert.

I would recommend having a firewall appliance that is separate from an intrusion detection system.  I would recommend looking at the logs of both regularly.  For an IDS, I would use Suricata.  If you have more money, Snort or other Cisco appliances may be useful.  

The Dell offerings have competition from other companies.  Such offerings may be comprehensive and competitive too.  You may want to backup router and switch configurations and then apply the latest or recommended firmware.  These obsolescent devices can be security threats.  

Beware of social engineering and SQL injection attacks.  There are ways to mitigate these big threats.  Please let me know if I can be of further assistance.
Avatar of Dan

ASKER

Thanks Phil, that is allot of options, I'm still waiting on pricing from Dell for Kace, it looks good.  Most seem to be pretty similar to GFI SNMP stuff.  Same with pricing.

All the stuff I want to monitor is Windows 7, 8, 10 and a few 2008 R2 servers.

Do you like GFI?
ASKER CERTIFIED SOLUTION
Avatar of Phil Davidson
Phil Davidson
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Dan

ASKER

Thanks Phil sorry for the slow responce, The Dell solution was the best, have a great one.