Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

looking for a program to scan my network for vulnerabilities

Posted on 2016-08-01
6
Medium Priority
?
104 Views
Last Modified: 2016-09-03
Hi all, I'm looking for a program to scan my local network and report on computers that have weak passwords, or no patches or updates.

I have previously used GFI, but the latest version seems a bit overkill.

Any recommendations would be appreciated.  Thanks all.
0
Comment
Question by:Dan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 7

Expert Comment

by:Phil Davidson
ID: 41738328
I'm not sure if these are Windows computers, Macs, or Linux machines.  I'm not sure what about GFI's password scanning you don't like.  But I haven't tried it either.  You may want to consider Nessus, Acunetix WVS Authentication Tester tool, LC5, PWDUMP3, or CAIN.
0
 

Author Comment

by:Dan
ID: 41739511
Hi, Thanks Phil, it looks like those just do passwords, is there one that does patches and other stuff?
0
 
LVL 7

Expert Comment

by:Phil Davidson
ID: 41739913
For OS patches you could use these technologies:  Dell's Kace, Puppet, Ansible, Chef, SaltStack, WSUS, or others.  It is somewhat hard to recommend because I don't know what percentage of Linux/Unix vs. Windows vs. other Mac OS machines you have.  If deploying code is also desirable, Dell's Kace is and WSUS aren't options.  I think Dell's Kace is under-rated.  It can work with non-HP hardware and virtualized servers.  

Here is a link that compares numerous solutions.   Lumension is another option.  But these options don't look at passwords.

For port vulnerability scanning, I like nmap.  If you have a Linux/Unix machine, I would install nmap.  On a Windows machine, you could install Cygwin and then install nmap.

For one comprehensive tool to do all of these things you ask, I am not sure what to recommend.  Is that what you are looking for?  Can you describe what would be an ideal solution to deploy?  I know you don't care for GFI for what you need.

The tasks seem diverse.  There are single-point-of-view solutions these days.  Based on the number of machines you want to manage and how flexible you are with not using a single solution, you may be able to save a good deal of money and leverage different tools in a customized way.

Dell has a service call SecureWorks.  They can do patch management and penetration testing.  You may want to have a consulting company do penetration testing on a regular basis.  For staying on top of the latest vulnerabilities, us-cert.gov is a good website.   But translating the alerts into actual comparisons of what you have is a tedious job.  You may need to hire a dedicated security expert.

I would recommend having a firewall appliance that is separate from an intrusion detection system.  I would recommend looking at the logs of both regularly.  For an IDS, I would use Suricata.  If you have more money, Snort or other Cisco appliances may be useful.  

The Dell offerings have competition from other companies.  Such offerings may be comprehensive and competitive too.  You may want to backup router and switch configurations and then apply the latest or recommended firmware.  These obsolescent devices can be security threats.  

Beware of social engineering and SQL injection attacks.  There are ways to mitigate these big threats.  Please let me know if I can be of further assistance.
0
Fill in the form and get your FREE NFR key NOW!

Veeam® is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

 

Author Comment

by:Dan
ID: 41747980
Thanks Phil, that is allot of options, I'm still waiting on pricing from Dell for Kace, it looks good.  Most seem to be pretty similar to GFI SNMP stuff.  Same with pricing.

All the stuff I want to monitor is Windows 7, 8, 10 and a few 2008 R2 servers.

Do you like GFI?
0
 
LVL 7

Accepted Solution

by:
Phil Davidson earned 2000 total points
ID: 41748626
I'm sorry, but I don't know much about GFI.  

Dell's sales people should be able to answer your questions to ensure Kace can do what you want it to do.  If you are not sold on Dell's Kace or the other suggestions and you have time, I would look into different Microsoft offerings.  There are numerous details to consider.  I know some businesses give weight and preference heavily to certain criteria.  Some businesses don't mind using different combinations of solutions.  Depending on the budget, the number of servers, and your plans, different options may make more sense than others.  While I think Dell's Kace is underrated, Microsoft has a number of tools.  For a purely Windows data center, some of them might be competitive for what you want.
0
 

Author Closing Comment

by:Dan
ID: 41783115
Thanks Phil sorry for the slow responce, The Dell solution was the best, have a great one.
0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question