Tenable Network Security Podcast Episode 186 - "Reducing Your Attack Surface (and your heating bill)"
Note: Passive Vulnerability Scanner (PVS) is now Nessus Network Monitor. To learn more about this application and its latest capabilities, visit the Nessus Network Monitor web page.
Announcements
- We're hiring! - Visit the Tenable website for information about open positions.
- Check out our video channel on YouTube which contains new Nessus, PVS, and SecurityCenter tutorials.
- Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
- Want to ask questions about Nessus, PVS, SecurityCenter, and LCE and get answers from the experts at Tenable? Join the Tenable Discussions Forum for custom scripts, announcements, and more!
- You can subscribe to the Tenable Network Security Podcast on iTunes!
Discussion & Highlighted Plugins
- Detecting Legacy Clients and Application - I was recently using PVS in a lab environment and noticed the wealth of legacy application information it provided me. This is great news for organizations, as you likely have some legacy systems and applications. It may be tough to find these with network scanning, firewalls, and no credentials for the systems. System owners may not be forthcoming either. However, with PVS you can find old versions of Firefox connecting to legacy web applications. The traffic never lies! How can folks leverage this to find their own legacy applications, and what do you do once you sense them?
- Disable "Stuff" Not In use - I'm a firm believer in reducing your attack surface. I like simple things, and this is a simple thing. If you're not using it, turn it off! Whether it's an entire system, a service, or parts of an application, turn it off. With all the technology in use today, you have to work towards reducing the attack surface in every aspect, including even using firewalls! What got me thinking about this? My new thermostat, a Nest, which it turns out has ZigBee installed by default, but not in use. Do I want attackers messing with my HVAC? No...
New & Notable Plugins
Nessus
General
- Google Chrome < 30.0.1599.66 Multiple Vulnerabilities
- RES Workspace Manager Agent Detection
- RES Workspace Manager Relay Server Detection
- WellinTech KingView ActiveX Multiple Arbitrary File Overwrite Vulnerabilities
- MediaWiki < 1.19.8 / 1.20.7 / 1.21.2 Multiple Vulnerabilities
- DotNetNuke < 6.2.9 / 7.1.1 Multiple Vulnerabilities
- FireEye Web MPS GUI Detection
- Mac OS X 10.8 < 10.8.5 Supplemental Update
- Blue Coat ProxySG Remote DoS
- Cisco IOS Software Resource Reservation Protocol Interface Queue Wedge Vulnerability (cisco-sa-20130925-rsvp)
- Cisco IOS Software Resource Reservation Protocol Interface Queue Wedge Vulnerability (cisco-sa-20130925-rsvp)
- Cisco IOS Software Zone-Based Firewall and Content Filtering Vulnerability (cisco-sa-20130925-cce)
- Cisco IOS Software IPv6 Virtual Fragmentation Reassembly Denial of Service Vulnerability (cisco-sa-20130925-ipv6vfr)
- Cisco IOS Software Network Address Translation Vulnerabilities (cisco-sa-20130925-nat)
- Cisco IOS Software Queue Wedge Denial of Service Vulnerability (cisco-sa-20130925-wedge)
- Cisco IOS Software DHCP Denial of Service Vulnerability (cisco-sa-20130925-dhcp)
- Cisco IOS Software Internet Key Exchange Memory Leak Vulnerability (cisco-sa-20130925-ike)
- Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability (cisco-sa-20130925-ntp)
Passive Vulnerability Scanner
Vulnerability Detection
SecurityCenter Apps
Dashboards
Reports
Security News Stories
- Business RadioX's Results Matter Radio Features Atlanta Businesses and Organizations Serving the Local Community
- SAI Global Deploys Tenable Network Security to Combat Security Vulnerabilities and Compliance
- Tenable Network Security Names Attley Ng as Asia-Pacific Vice President
- AD Zone Transfers as a user
- FAA panel: Wi-Fi is safe on planes even during takeoff and landing
- 5 Wi-Fi security myths you must abandon now
- Symantec takes on one of largest botnets in history
- Iran's cyberwarfare czar is allegedly assassinated
Related Articles
Tuning Network Assessments for Performance and Resource Usage
September 13, 2022Using the correct tool for the job and optimizing scanner placement will have a large impact on scan efficiency with Nessus, Tenable.io and Tenable.sc.
OT:ICEFALL Research from Forescout Explores Insecure-by-Design State of Operational Technology
June 23, 2022The latest research from Forescout’s Vedere Labs explores the state of risk management in operational technology through the lens of 56 insecure-by-design vulnerabilities.
Configuring The Ports That Nessus Scans
June 21, 2021When only select ports require scanning, use these easy steps to define themWhen assessing targets with a network scanner like Nessus, a common question is "How do I control the ports that Nessus test...
CVE-2024-4040: CrushFTP Virtual File System (VFS) Sandbox Escape Vulnerability Exploited
April 23, 2024A zero-day vulnerability in CrushFTP was exploited in the wild against multiple U.S. entities prior to fixed versions becoming available as the vendor recommends customers upgrade as soon as possible.
Operational Technology in the DoD: Ensuring a Secure and Efficient Power Grid
April 19, 2024In an evolving threat landscape, the DoD must make sure that its mission-critical operations don’t experience power outages.
Cybersecurity Snapshot: Cyber Agencies Offer Secure AI Tips, while Stanford Issues In-Depth AI Trends Analysis, Including of AI Security
April 19, 2024Check out recommendations for securing AI systems from the Five Eyes cybersecurity agencies. Plus, Stanford University offers a comprehensive review of AI trends. Meanwhile, a new open-source tool aims to simplify SBOM usage. And don’t miss the latest CIS Benchmarks updates. And much more!
- Nessus Network Monitor
- Passive Network Monitoring
- Personal security
- Podcast
- Vulnerability Scanning