Tenable Blog

Over the past few months, fields in Nessus reports indicating whether or not an exploit exists for a given vulnerability have continued to evolve. We first announced this feature in October 2010 in a post titled New Nessus Feature: Public Exploit Availability. Ron Gula then wrote a follow-up post called ”If an exploit falls in the forest, does anyone hear it being patched?”, that described the usefulness of the information contained within the "Exploit available" and "Exploitable With" fields in Nessus plugins.

The Nessus interface has now received an update that will display the "Exploitable With" field directly in the report (prior to the latest version, this field was only contained in the HTML export).

Click for larger image

And the race is on to apply patches to the Microsoft Windows systems in your environment! One of the bulletins this month, MS011-04, fixes remotely exploitable issues in the IIS FTP service. To me, FTP falls in the same category as Telnet, which is "You should be using SSH instead". Despite the lack of security that FTP offers, it still appears to be wildly popular decades later. I performed some searches using "SHODAN", "The Computer Search Engine", which scours the Internet looking for open ports, services and banners. I told it to find systems with port 21 (FTP) open and got the following results:

• United States: 27,355
• China: 15,341
• India: 11,122
• Egypt: 10,476
• Thailand: 10,068

I appeared on Risky Business episode 181 for the "sponsor interview" segment of the show. I really enjoy talking to Patrick Gray - he asks great questions and we always have a great chat. This time around I discussed some topics regarding defensive measures that actually work, including:

Welcome to the Tenable Network Security Podcast - Episode 68

Hosts: Paul Asadoorian, Product Evangelist, Ron Gula, CEO/CTO, and Carlos Perez, Lead Vulnerability Researcher

Announcements

• Several new blog posts have been published this week, including:
  • Nessus App for iPhone - The Video
  • Passively Detect all of your Exploitable Vulnerabilities - PVS 3.4 Released
• Check out our video channel on YouTube that contains the latest Nessus and SecurityCenter 4 tutorials, including the new 3D Tool Beta.


• We're hiring! - Visit the Tenable web site for more information about open positions.


• You can subscribe to the Tenable Network Security Podcast on iTunes!


• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, provide Nessus plugin statistics and more!

Stories

• Kaspersky Source Code Leaked - Turns out an former employee had distributed copies of the software. This is a tricky thing to defend against, since how do you know if one of your employees is stealing source code? Sure, many would say that you need to limit and control access to the source code, but you still need to allow the developers to access it. Now, antivirus software in particular probably gets a high bounty on the computer underground because if you could analyze the source code directly, you stand a better chance of making malware that is more resilient. The former employee of Kaspersky was arrested and sentenced to three years in prison.