looking for a program to scan my network for vulnerabilities

Posted on 2016-08-01
Last Modified: 2016-09-03
Hi all, I'm looking for a program to scan my local network and report on computers that have weak passwords, or no patches or updates.

I have previously used GFI, but the latest version seems a bit overkill.

Any recommendations would be appreciated.  Thanks all.
Question by:Dan
  • 3
  • 3

Expert Comment

by:Phil Davidson
ID: 41738328
I'm not sure if these are Windows computers, Macs, or Linux machines.  I'm not sure what about GFI's password scanning you don't like.  But I haven't tried it either.  You may want to consider Nessus, Acunetix WVS Authentication Tester tool, LC5, PWDUMP3, or CAIN.

Author Comment

ID: 41739511
Hi, Thanks Phil, it looks like those just do passwords, is there one that does patches and other stuff?

Expert Comment

by:Phil Davidson
ID: 41739913
For OS patches you could use these technologies:  Dell's Kace, Puppet, Ansible, Chef, SaltStack, WSUS, or others.  It is somewhat hard to recommend because I don't know what percentage of Linux/Unix vs. Windows vs. other Mac OS machines you have.  If deploying code is also desirable, Dell's Kace is and WSUS aren't options.  I think Dell's Kace is under-rated.  It can work with non-HP hardware and virtualized servers.  

Here is a link that compares numerous solutions.   Lumension is another option.  But these options don't look at passwords.

For port vulnerability scanning, I like nmap.  If you have a Linux/Unix machine, I would install nmap.  On a Windows machine, you could install Cygwin and then install nmap.

For one comprehensive tool to do all of these things you ask, I am not sure what to recommend.  Is that what you are looking for?  Can you describe what would be an ideal solution to deploy?  I know you don't care for GFI for what you need.

The tasks seem diverse.  There are single-point-of-view solutions these days.  Based on the number of machines you want to manage and how flexible you are with not using a single solution, you may be able to save a good deal of money and leverage different tools in a customized way.

Dell has a service call SecureWorks.  They can do patch management and penetration testing.  You may want to have a consulting company do penetration testing on a regular basis.  For staying on top of the latest vulnerabilities, is a good website.   But translating the alerts into actual comparisons of what you have is a tedious job.  You may need to hire a dedicated security expert.

I would recommend having a firewall appliance that is separate from an intrusion detection system.  I would recommend looking at the logs of both regularly.  For an IDS, I would use Suricata.  If you have more money, Snort or other Cisco appliances may be useful.  

The Dell offerings have competition from other companies.  Such offerings may be comprehensive and competitive too.  You may want to backup router and switch configurations and then apply the latest or recommended firmware.  These obsolescent devices can be security threats.  

Beware of social engineering and SQL injection attacks.  There are ways to mitigate these big threats.  Please let me know if I can be of further assistance.
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.


Author Comment

ID: 41747980
Thanks Phil, that is allot of options, I'm still waiting on pricing from Dell for Kace, it looks good.  Most seem to be pretty similar to GFI SNMP stuff.  Same with pricing.

All the stuff I want to monitor is Windows 7, 8, 10 and a few 2008 R2 servers.

Do you like GFI?

Accepted Solution

Phil Davidson earned 500 total points
ID: 41748626
I'm sorry, but I don't know much about GFI.  

Dell's sales people should be able to answer your questions to ensure Kace can do what you want it to do.  If you are not sold on Dell's Kace or the other suggestions and you have time, I would look into different Microsoft offerings.  There are numerous details to consider.  I know some businesses give weight and preference heavily to certain criteria.  Some businesses don't mind using different combinations of solutions.  Depending on the budget, the number of servers, and your plans, different options may make more sense than others.  While I think Dell's Kace is underrated, Microsoft has a number of tools.  For a purely Windows data center, some of them might be competitive for what you want.

Author Closing Comment

ID: 41783115
Thanks Phil sorry for the slow responce, The Dell solution was the best, have a great one.

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are thinking of adopting cloud services, or just curious as to what ‘the cloud’ can offer then the leader according to Gartner for Infrastructure as a Service (IaaS) is Amazon Web Services (AWS).  When I started using AWS I was completely new…
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question