August 29th, 2002, 08:55 PM
Hello all. I would like some information on some good vulnerability scanners for the Windows environment to evaluate my machines. I think it would be good for penetration testing and the like. Any help or information is appreciated. I have begun a preliminary search on google and found an http stealth scanner from astalavista, who knows what else I will find, but some direction would be helpful. Thanks.
August 29th, 2002, 09:01 PM
Guus pointed me to a program yesterday call Nessus. I didn't install it, but the doc's on it sound like it might be something you might want to look at. You can find it HERE
August 29th, 2002, 09:03 PM
All the ones that I have seen and used for windows are extremely expensive.
NAI's cybercop (I think it may be end of life now)
ISS's Internet Scanner.
ISS is a very nice scanner; however, it is uber expensive. If you got the dough (to get an unlimited travelling license), it is quite good...otherwise, you get an annoyance of only being able to scan certain things a certain number of times in a year...
If you are not talking about too many devices or if you have a little more time, nessus is a great freeware scanning tool that can do a great deal of the things that the commercial scanners do and tends to stay a little more up to date with the vulnerabilities (however it isn't windows).
There have been other miscelleanous scanners (for example STAT) for windows, but in general they weren't nearly as diverse as say ISS or nessus...
Hope this points you in the right direction...
There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.
(Merovingian - Matrix Reloaded)
August 29th, 2002, 09:22 PM
Cisco has one that can scan 5 hosts at a time for free.
Make sure you download both the scanner and 5 host license file
Work... Some days it's just not worth chewing through the restraints...
August 29th, 2002, 10:04 PM
Thanks to all for the information and direction.
August 29th, 2002, 10:28 PM
I have found a very nice shareware program called AATools. It has many, many functions and is very user friendly. Check it out here!
It runs on all windoze platforms...
August 30th, 2002, 12:00 AM
Try the above Gem, I use it when I need to know which machine to beat the Windows Admins over the head with.
in all seriousness the previous version (V2) was invaluable for helping us rid ourselves of a serious Nimda infection
August 30th, 2002, 12:16 AM
Try LANGuard for standard basic vulnerabilities. I quite like it.
Also, grab Typhon I, which is free, and I also think that you can get Typhon II demo now.
Both these are on windows platforms.
[glowpurple]There were so many fewer questions when the stars where still just the holes to heaven - JJ[/glowpurple] [gloworange]I sure could use a vacation from this bull$hit, three ringed circus side show of freaks. - Tool. [/gloworange]
August 30th, 2002, 01:14 AM
Just Go To www.sygate.com and do there test for your comp its a good one
[shadow]I Have Not Failed I Have Just Fond 10,000 Ways It Will Not Work[/shadow][
August 30th, 2002, 01:34 AM
I have used Nessus for several years now, both internally and with clients that have over 500 servers. I like Nessus for several reasons:
1: It is free
2: Vulnerability updates tend to come out within a few hours of an alert compared to weeks if not months from other vendors.
3: It can be as comprehensive or as unobtrusive as you like, you decide how you want it to run. I would recommend NOT doing DOS attacks on a live network as you will likely loose your job because of it.
There are 2 parts to Nessus, the server and the client. Both can run on the same machine if you like BUT the server only runs on a Unix, Solaris or Linux box at this time so if you don't have access to one of these systems you need to consider another product. I have run it without any probles over FreeBSD, Redhat and Solars. Netrecon is OK but expensive and has crashed more than one Netware server if it is way out of date on the patches and upgrades.
Best of luck,