Nessus Now Audits Palo Alto Networks PAN-OS Configurations

by Paul Asadoorian
February 21, 2013

Tenable Nessus ProfessionalFeed customers can now audit the configuration of PAN-OS™-based Palo Alto Networks firewalls. Nessus can audit the firewall operational configurations and allow Palo Alto firewall reports to be embedded into Nessus reports.

Nessus 5.0.3 Is Now Available

by Paul Asadoorian
February 19, 2013

Nessus 5.0.3 is now available for download. This update contains some new capabilities, as well as bug, stability, and security fixes.

Auditing Microsoft Office Configurations Using Nessus

by Paul Asadoorian
February 8, 2013

Microsoft® Office® is ubiquitous in today’s work environment. Although MS Office applications offer many security configuration options that can reduce the likelihood of exploitation, the default configuration settings typically don’t provide a strong security posture. The requirements and recommendations documented in common regulations and security guides are a great start to securing your Office installations. Tenable customers can also measure and evaluate the security of their Microsoft Office Suite environment using Nessus® and Tenable SecurityCenter™ audit compliance policy files.

New Nessus Plugins Audit Your Patch Management System Effectiveness

by Paul Asadoorian
January 30, 2013

Nessus integrates with many popular patch management solutions, including IBM Tivoli Endpoint Manager (TEM), Red Hat Network Satellite server, Microsoft WSUS / SCCM, and VMware Go. The new Nessus "Patch Management Windows Auditing Conflicts" and "Patch Management Auditing Satisfied" plugins automatically cross-reference vulnerabilities from credentialed patch audits with patch information from your patch management system on the same asset, reporting discrepancies in a single report.

Using Nessus to Audit Microsoft SharePoint 2010 Configurations

by Paul Asadoorian
January 23, 2013

Trust, but Verify

Recently, Tenable added audit files for Nessus ProfessionalFeed users allowing them to audit Microsoft SharePoint server configurations. The audit policy uses both operating system and database information from a SharePoint server farm and compares it against the settings specified in the DISA STIG guide for Microsoft SharePoint 2010 servers. This blog entry discusses some of the Nessus functionality that was used to create the audit file.

Tracking Wireless SSIDs Using Nessus

by Paul Asadoorian
January 14, 2013

Nessus has plugins that can pull out the current (or previously used) wireless service set identifiers (WiFi SSIDs) of networks that Windows and OS X systems have connected to. The following plugins are used: Mac OS X Wireless Networks List (63340), a new plugin that reports a history of wireless networks used by the target system, and Windows Wireless SSID (WMI) (25197), which uses WMI to report the wireless network the target host is currently using.

Detecting Compromised SSL Certificates Using Nessus

by Paul Asadoorian
December 13, 2012

When Thieves Target SSL Certificates

SSL is one of the most commonly used protocols to provide encryption for a variety of different applications. As such, it has come under great scrutiny over the years. While SSL misconfiguration is commonplace, one of the more recent attacks against SSL is to steal the Certificate Authority (CA) certificate. (In a paper released in July 2012, NIST warned that this type of attack would increase.) Access to this certificate allows the attacker to issue valid certificates and, in the case of a code-signing certificate, use it to sign malware. Malware that executes with this level of trust is more likely to be installed successfully on the system. Other CA certificates are used to generate website certificates that attackers use to impersonate secure access to a given website.

Configuration Auditing Cisco Nexus Operating System (NX-OS) with Nessus

by Paul Asadoorian
December 10, 2012

Recently, Tenable added audit files for Nessus ProfessionalFeed users allowing them to audit device configurations based on Cisco Nexus Operating System (NX-OS). Cisco NX-OS runs on high-end Nexus switches, MDS storage switches, and Cisco UCS networking. This audit follows most of the recommendations that are included in the Cisco Guide to Securing Cisco NX-OS Software Devices. This blog entry discusses some of the Nessus functionality that was used in creating the audit file.

Nessus VMware vCenter Patch Auditing Now Available

by Paul Asadoorian
November 30, 2012

Nessus supports vCenter integration, enabling patch checking for enterprise virtualization environments.

Recently, new plugins for Nessus were released which add support for VMware's vCenter product. Nessus users can now enter credentials for vCenter servers, allowing Nessus to perform patch audits against all of the ESXi servers being managed by vCenter. Configuring the scan simply requires a Nessus policy to be created with the appropriate credentials: