Detecting Compromised Windows Hosts
December 19, 2006Tenable recently added a credentialed Windows check (Nessus ID #23910) to find systems that have been infected by certain viruses. The check considers the contents of the file: SYSTEM32\Drivers\etc\H...
Passive Discovery of Copyrighted and Potential Data Leakage Files
December 15, 2006The Passive Vulnerability Scanner (PVS) can be used to discover web servers hosting files which may be copyrighted or as potential sources of data leakage events. Such material may contain sensitive i...
Combining Data from Separate Event Logs
December 14, 2006I recently encountered logs from a Buffalo Wireless Access Point. DHCP leases and MAC address associations generate logs like this: AP00160114430C : WIRELESS: wl0: 11g : Associated User - 00:04:23:76...
Nessus 3 SCADA Plugins
December 11, 2006Tenable has released 32 plugins for Nessus 3 which specifically test SCADA devices. These plugins were the result of a four month research contract between Tenable Network Security and Digital Bond. T...
Marcus Ranum Presentation - Six Dumbest Ideas in Network Security
December 11, 2006Tenable's CSO, Marcus Ranum, discusses many of the trends, assumptions and misconceptions about computer security facing us today. Mr. Ranum discusses why security mechanisms fail and why it is such a...
RSS Feed for Passive Vulnerability Scanner vulnerability checks
December 7, 2006Tenable has made an RSS feed of vulnerability plugin updates available for the Passive Vulnerability Scanner. The feed is located at: http://www.tenablesecurity.com/pvs.xml Tenable customers who manag...
Enterprise Software Discovery with Nessus
December 6, 2006If you are performing credentialed patch audits with Nessus, you can also create an inventory of installed software on each of your UNIX and Windows hosts. This blog post will review how Nessus can pe...
Log Correlation Engine Rules Update
December 1, 2006Tenable has released several new PRM libraries and TASL scripts. This blog entry details the changes and how Tenable customers can obtain them. PRM Updates dns_bind.prm New rules to parse zone trans...
SANS Top 20 2006 Q4 Update and Scanning Polices
November 30, 2006The SANS organization released an update of the "Top 20" list of security issues organizations should be concerned about. The updated list includes many specific vulnerabilities, as well as ...
Interview with Thomas Ptacek
November 29, 2006Over the next few months, Tenable will be interviewing many different industry leaders in the information security field. Our first interview is now available. Our guest was Thomas Ptacek of Matasano ...
Advanced Dynamic Asset Rules
November 28, 2006The Security Center can use the vulnerability data obtained by Nessus scans, Nessus patch audits and the data obtained by the Passive Vulnerability Scanner (PVS). Combinations of specific IDs, DNS nam...
Scanning Your Network For Copyrighted Material
November 27, 2006Note: This blog was first posted on November 27, 2006. Since then, plugin ID #11777, which enumerates files that potentially represent copyright violations, has been rewritten.  It is now depende...