Tenable Blog

Tenable has recently added several new APIs to the UNIX compliance checks. This blog entry discusses the new checks with several examples. These APIs are available to Direct Feed and Security Center users who have recently updated their plugins. Many of these checks will work for any UNIX operating system, however several of them are specific to RedHat Linux and its derivatives such as Fedora. 

New File Based Keywords and APIs

Sensitive government and military organizations classify their documents with familiar terms like "TO

Over the past few years, there have been several vulnerabilities disclosed about the Snort network intrusion detection sensor. I recently had a Tenable customer inquire for a strategy of "scanning" to find these Snort systems. This blog discusses some basic and more advanced ideas and issues on how to approach this with Nessus and the Passive Vulnerability Scanner.

Network Scanning of Passive Listening Devices

Tenable's research group has released a set of seven audit policies for the Vista operating system. These polices are based directly off of Microsoft's Windows Vista Security Guide. This blog entry discusses how to obtain these audit policies and how to perform an audit of a Vista  computer system.

Obtaining These Plugins

Tenable's research group recently released plugin ID #24904 which speaks with the Link Layer Topology Discovery protocol. This is an Ethernet "layer 2" scan, so it is something you need to perform against a server within the collision domain of a Nessus scanner. LLTD allows you to enumerate a wide variety of information about the remote host. The current NASL script supports discovery of: