Posts Tagged ‘Tenable’

We often hear about vulnerabilities in client software, such as web browsers and email applications, that can be exploited by malicious content. The repeated stories about botnets, infected web sites, and viruses which infect us with malicious documents, movies, and other content have ingrained the concept of an exploitable client in our minds.

In this blog entry, we will discuss auditing client software for vulnerabilities and describe the three different types of client-side exploits and how they can impact the risk of your network.

Auditing Client-Side Exploits

The largest misconception I’ve encountered from security auditors who test client-side software is a focus on the operating system or application. Nessus audits hundreds of different manufacturer patches and will readily identify issues in an operating system that were not shipped with the operating system.

The solution is to perform a complete patch audit of a scanned system. Passive Vulnerability Scanner will identify client vulnerabilities based on DNS lookups, web queries, dedicated client protocols, and analysis of unencrypted conversations over FTP, SMTP, IMAP, SMB, and many others.


Type 1 – Traditional Client-side Exploits

These exploits target browsers, browser plugins, and email clients. Today, there is a fine line between email and web applications since many email applications share libraries when viewing emails that have been formatted with HTML content.

Type 2 – Clients with Exposed Services

Many types of client software will actually open up a socket and run a service that communicates on the network. If the host is directly connected to the Internet or to mobile broadband networks and it does not have a firewall, it may be attacked directly without any need for user interaction such as opening an email.

Within Nessus 5, this can be refined further within your scan policy by adding a filter for a “plugin type” of “remote” as compared to a credentialed “local” check. Combinations can be further added to target specific classes of software.
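The same remote/local split can be applied offline to an exported scan. This added example (not from the original post or from Tenable) assumes the `.nessus` v2 XML export layout, in which each `ReportItem` carries a `plugin_type` element; the sample report, host, ports and the 9000xx plugin IDs are constructed.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample in the .nessus (v2) export layout; the host, ports and
# the 9000xx plugin IDs are made up for illustration.
SAMPLE = """<NessusClientData_v2><Report name="workstations">
<ReportHost name="10.0.0.21">
  <ReportItem port="0" svc_name="general" protocol="tcp" severity="3"
      pluginID="45133" pluginName="Firefox &lt; 3.6.2 Multiple Vulnerabilities">
    <plugin_type>local</plugin_type></ReportItem>
  <ReportItem port="5900" svc_name="vnc" protocol="tcp" severity="3"
      pluginID="900001" pluginName="Example remote-control client listener flaw">
    <plugin_type>remote</plugin_type></ReportItem>
  <ReportItem port="0" svc_name="general" protocol="tcp" severity="0"
      pluginID="900002" pluginName="Example informational check">
    <plugin_type>remote</plugin_type></ReportItem>
</ReportHost>
</Report></NessusClientData_v2>"""

def split_findings(nessus_xml, min_severity=1):
    """Group findings per host into 'remote' (detected over the network, so
    reachable without user interaction) and 'local' (credentialed patch audit)."""
    out = defaultdict(lambda: {"remote": [], "local": []})
    # Only parse exports you produced yourself; for untrusted XML use a hardened parser.
    root = ET.fromstring(nessus_xml)
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            if int(item.get("severity", "0")) < min_severity:
                continue  # drop informational results
            ptype = (item.findtext("plugin_type") or "").strip().lower()
            if ptype not in ("remote", "local"):
                continue  # other plugin types are out of scope for this split
            entry = (item.get("pluginID"), item.get("pluginName"),
                     f'{item.get("protocol")}/{item.get("port")}')
            out[host.get("name")][ptype].append(entry)
    return dict(out)

if __name__ == "__main__":
    for host, groups in split_findings(SAMPLE).items():
        for kind in ("remote", "local"):
            for plugin_id, name, where in groups[kind]:
                print(f"{host}\t{kind}\t{where}\t{plugin_id}\t{name}")
```

Findings in the `remote` group on a workstation are the ones to check against firewall coverage first, since they were observed on a listening port rather than inferred from installed patches.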

Type 3 – Clients Exposed to Hostile Servers

This type of client exploit may seem very similar to our first type, but the difference is that the server isn’t hosting hostile data; the server itself can be manipulated to attack a client directly.

Vulnerabilities like this can be used to hop through firewalls in a much more direct manner than by attempting to compromise an administrator’s system with some sort of Internet-based social engineering exploit. If the administrative access to the DMZ systems is allowed from an internal network and there is vulnerable client software in use, a DMZ server under control of an attacker could modify the service to conduct attacks against the client.

Some example vulnerabilities detected by Nessus that could be used to run code from a maliciously controlled server:

Code execution in FTP clients:
21565 FileZilla FTP Client Unspecified Overflow

Code execution in SSH clients:
37021 FreeBSD : putty — buffer overflow vulnerability in ssh2 support (19518d22-2d05-11d9-8943-0050fc56d258)

Code execution in SNMP clients:
38099 USN-685-1 : net-snmp vulnerabilities

Code execution in web clients:
49102 USN-982-1 : wget vulnerability

45133 Firefox < 3.6.2 Multiple Vulnerabilities
51162 MS10-090: Cumulative Security Update for Internet Explorer (2416400)


Tenable Network Security, Inc., the leader in Unified Security Monitoring (USM), today announced the availability of the Nessus® 5.0 vulnerability scanner. The new version of the industry’s most widely deployed vulnerability and configuration assessment solution enhances usability, policy creation, efficiency, and communication.

“Version 5.0 builds on the solid foundation Nessus has established for quality and accuracy, and now makes it easier and faster to install and use.”

Nessus 5.0 delivers top-line business benefits by introducing enhancements that streamline and optimize each of the major phases of the vulnerability and configuration assessment process. Specific benefits include:


  1. Streamlined startup – New installation wizard and web interface ensure Nessus 5.0 is up-and-running, completely configured in minutes.
  2. Rapid policy creation – More than two dozen new plugin filters make it fast and easy to create policies for targeted scans. Selecting multiple filter criteria, such as vulnerability publication date, public vulnerability database ID, information assurance vulnerability alert (IAVA), and more, makes it simple to identify easily exploitable vulnerabilities.
  3. Industry-leading efficiency – Real-time scan results combined with on-the-fly filtering allow users to quickly see risk level and act upon vulnerability data without waiting for the scan to complete. One-click navigation makes it easy to jump from critical vulnerability to vulnerable host to the details of the vulnerability. Five severity levels quickly separate informational data from actionable results.
  4. Fully customizable reports – Multiple filters, results management, and new pre-configured report formats allow users to produce targeted reports tailored to fit the needs/interests of executives, systems administrators, and auditors. Users can also combine multiple report templates into a single, comprehensive report, which can be delivered in a variety of formats, including PDF.

LCE Version 4 introduces several new enhancements that speed results, optimize workflow, and improve system reliability including:

  1. Event Processing Speeds in Excess of 30,000 events per second give network, security, and compliance teams near-instant visibility, pinpointing threats and misconfiguration.
  2. ‘Smart’ Load Balancing goes beyond simple “round robin” server switching capabilities by automatically targeting new or underutilized servers when workloads increase. Users can dynamically add new instances of LCE that will aggressively accept workloads until they have caught up with their peers.
  3. Enhanced Event Full-text Search allows LCE users to identify specific events and network based activity by rapidly sifting through mountains of log data. 

These updates, along with additional functionality enhancements embedded in LCE Version 4. This integration delivers two key business benefits:

  1. Cost Savings: Integration between log correlation and vulnerability management improves operational efficiency and reduces costs by eliminating the need for a standalone log management solution that requires additional staffing and financial resources.
  2. Rock-Solid Security: The integration of log correlation data with vulnerability intelligence results in streamlined compliance, faster and more reliable attack mitigation and detection, and deeper intelligence and reporting on existing and emerging risks.


Tenable SecurityCenter

Large enterprises, companies and organizations that use Tenable Network Security to help address the threat of modern malware and the increasing prevalence of targeted attacks stand to gain in a number of important ways. By using this solution, they can:

  • Reduce risk: common attack paths used by modern malware and targeted attackers can be identified and closed, thereby reducing the window of opportunity for hackers, spies, and thieves.

  • Reduce TCO by proactively reducing the number of security incidents an organization has and improving operational efficiency. With Tenable there is no need to invest in separate attack path analysis or penetration testing tools.

  • Demonstrate compliance: administrators can fulfil and document adherence to policies, regulations, and requirements pertaining to access control, boundary defences, continuous monitoring, and truly effective vulnerability management.

 What are the Tenable Network Security Solution Benefits?

The Tenable Network Security solution has several compelling features or benefits, such as identifying vulnerabilities, translating them into risks, communicating the risks to management and the business, remediating key vulnerabilities, and monitoring the status in a highly efficient way to fulfil current security and business needs. These unique benefits include:

  • Gathering valuable information without disrupting the business – Tenable’s passive monitoring provides valuable real-time information, giving better situational intelligence without disrupting the organization.
  • Developing risk metrics – Using Tenable allows vulnerabilities to be translated into risks and quantifiable risk metrics to be developed for use by management.
  • Reporting capabilities – Tenable’s reporting capabilities enable vulnerabilities to be identified and quickly communicated to the right level in the organization. Reporting allows for prioritization of which vulnerabilities to remediate, and on what time frame.
  • Satisfying customers – Use of Tenable solutions enables companies and large corporations to easily and effectively satisfy their respective customers and clients.
  • Providing great flexibility – Nessus and the Passive Vulnerability Scanner provide the ability for users to write custom scripts or modify Tenable-provided scripts. This flexibility is extremely useful. In addition, Tenable is highly scalable, providing great flexibility in security measurements and increasing the efficiency and effectiveness of the business operation.

 Where can I get the Tenable Network Security solution?

Tenable Network Security solutions and products can be purchased through E-SPIN, which actively promotes the full range of Tenable Network Security products and technologies as part of its Vulnerability Management and Security Management solution portfolio, covering vulnerability assessment and unified security monitoring (USM): integrated vulnerability management, SIEM, and compliance management (http://www.e-spincorp.com/espinv3/index.php/tenable-network-security).

We also provide consulting, supply, training and maintenance for Tenable Network Security products to enterprise, government and military customers, or distribute and resell them as part of the complete package to other regions.

Customers range from university, government and enterprise IT security professionals working on vulnerability assessment and penetration testing, to IT security companies performing security audits and running security operation centers (SOC) for SIEM, compliance management and unified security monitoring, to cyber security, cyber warfare and military security defense operation centers performing unified security and operation monitoring.
