Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Solaris Software Enumeration with Nessus

Tenable's research group has released several hundred new plugins for Nessus in the last few days. One of them in particular is very useful for Solaris environments.

Plugin #29217 enumerates all installed software packages on Solaris operating systems. It leverages SSH credentialed scanning to obtain these results.

This plugin joins similar plugins for Windows and Unix that leverage a variety of credential types, even including software enumeration via SNMP for Windows if you have such a network.

Previously we have blogged about how enterprise software discovery can be performed with Nessus network scans, credentials scans and continuous passive network analysis with the Passive Vulnerability Scanner.

A key point of these blogs is to be able to use products like the Security Center to automatically classify your systems into unique asset groups based on the software installed on them. For example, the Security Center can use the output from this Solaris plugin to classify Solaris systems that do or don't have a certain Tivoli agent installed on them. This allows complex enterprise networks to be simplified so the process of patch auditing, configuration auditing and event/log analysis can be performed much easier.

Plugin #29217 is currently available to Nessus Direct Feed and Security Center users.