[unisog] Automated vulnerability tests upon host to network attachment

Russell Fulton r.fulton at auckland.ac.nz
Tue May 20 01:29:03 GMT 2003


On Sat, 2003-05-17 at 00:55, marchany at vt.edu wrote:
> >However, a great deal of good could be accomplished by a few simple checks
> >for the most common problems. For example,
> >1) Does the NT/2k/xp Administrator account have a strong password.
> >2) Is port 80 open and is it susceptible to unicode traversal.
> 
> Yep, those are great checks. In fact, I would use a scanner that checks for 
> the SANS/FBI Top 20 Internet threats doc. That has the most common 
> vulnerabilities and the 2 that Gary mentioned above are included in that list.

Does anyone have a cut-down Nessus configuration suitable for this sort
of thing?  I want to regularly scan all machines that have relatively
open inbound access from the 'Net (about 300 out of 10,000 hosts on
campus).  I have been intending to do this myself for at least two years
but it has never made it to the top of my priority stack :(


-- 
Russell Fulton, Network Security Officer, The University of Auckland,
New Zealand.
