Tenable Network Security Podcast Episode 186 - "Reducing Your Attack Surface (and your heating bill)"
Note: Passive Vulnerability Scanner (PVS) is now Nessus Network Monitor. To learn more about this application and its latest capabilities, visit the Nessus Network Monitor web page.
Announcements
- We're hiring! - Visit the Tenable website for information about open positions.
- Check out our video channel on YouTube which contains new Nessus, PVS, and SecurityCenter tutorials.
- Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
- Want to ask questions about Nessus, PVS, SecurityCenter, and LCE and get answers from the experts at Tenable? Join the Tenable Discussions Forum for custom scripts, announcements, and more!
- You can subscribe to the Tenable Network Security Podcast on iTunes!
Discussion & Highlighted Plugins
- Detecting Legacy Clients and Application - I was recently using PVS in a lab environment and noticed the wealth of legacy application information it provided me. This is great news for organizations, as you likely have some legacy systems and applications. It may be tough to find these with network scanning, firewalls, and no credentials for the systems. System owners may not be forthcoming either. However, with PVS you can find old versions of Firefox connecting to legacy web applications. The traffic never lies! How can folks leverage this to find their own legacy applications, and what do you do once you sense them?
- Disable "Stuff" Not In use - I'm a firm believer in reducing your attack surface. I like simple things, and this is a simple thing. If you're not using it, turn it off! Whether it's an entire system, a service, or parts of an application, turn it off. With all the technology in use today, you have to work towards reducing the attack surface in every aspect, including even using firewalls! What got me thinking about this? My new thermostat, a Nest, which it turns out has ZigBee installed by default, but not in use. Do I want attackers messing with my HVAC? No...
New & Notable Plugins
Nessus
General
- Google Chrome < 30.0.1599.66 Multiple Vulnerabilities
- RES Workspace Manager Agent Detection
- RES Workspace Manager Relay Server Detection
- WellinTech KingView ActiveX Multiple Arbitrary File Overwrite Vulnerabilities
- MediaWiki < 1.19.8 / 1.20.7 / 1.21.2 Multiple Vulnerabilities
- DotNetNuke < 6.2.9 / 7.1.1 Multiple Vulnerabilities
- FireEye Web MPS GUI Detection
- Mac OS X 10.8 < 10.8.5 Supplemental Update
- Blue Coat ProxySG Remote DoS
- Cisco IOS Software Resource Reservation Protocol Interface Queue Wedge Vulnerability (cisco-sa-20130925-rsvp)
- Cisco IOS Software Resource Reservation Protocol Interface Queue Wedge Vulnerability (cisco-sa-20130925-rsvp)
- Cisco IOS Software Zone-Based Firewall and Content Filtering Vulnerability (cisco-sa-20130925-cce)
- Cisco IOS Software IPv6 Virtual Fragmentation Reassembly Denial of Service Vulnerability (cisco-sa-20130925-ipv6vfr)
- Cisco IOS Software Network Address Translation Vulnerabilities (cisco-sa-20130925-nat)
- Cisco IOS Software Queue Wedge Denial of Service Vulnerability (cisco-sa-20130925-wedge)
- Cisco IOS Software DHCP Denial of Service Vulnerability (cisco-sa-20130925-dhcp)
- Cisco IOS Software Internet Key Exchange Memory Leak Vulnerability (cisco-sa-20130925-ike)
- Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability (cisco-sa-20130925-ntp)
Passive Vulnerability Scanner
Vulnerability Detection
SecurityCenter Apps
Dashboards
Reports
Security News Stories
- Business RadioX's Results Matter Radio Features Atlanta Businesses and Organizations Serving the Local Community
- SAI Global Deploys Tenable Network Security to Combat Security Vulnerabilities and Compliance
- Tenable Network Security Names Attley Ng as Asia-Pacific Vice President
- AD Zone Transfers as a user
- FAA panel: Wi-Fi is safe on planes even during takeoff and landing
- 5 Wi-Fi security myths you must abandon now
- Symantec takes on one of largest botnets in history
- Iran's cyberwarfare czar is allegedly assassinated
Related Articles
Do You Think You Have No AI Exposures? Think Again
August 6, 2024As AI usage becomes more prevalent in organizations globally, security teams must get full visibility into these applications. Building a comprehensive inventory of AI applications in your environment is a first step. Read on to learn what we found about AI application-usage in the real world when we analyzed anonymized telemetry data from scans using Tenable’s products.
Tuning Network Assessments for Performance and Resource Usage
September 13, 2022Using the correct tool for the job and optimizing scanner placement will have a large impact on scan efficiency with Nessus, Tenable.io and Tenable.sc.
OT:ICEFALL Research from Forescout Explores Insecure-by-Design State of Operational Technology
June 23, 2022The latest research from Forescout’s Vedere Labs explores the state of risk management in operational technology through the lens of 56 insecure-by-design vulnerabilities.
Active Directory Under Attack: Five Eyes Guidance Targets Crucial Security Gaps
November 21, 2024A landmark global report from cybersecurity agencies emphasizes 17 attack techniques against Microsoft Active Directory and cautions organizations to step up protections. In the first of our two-part series, we offer five steps you can take today to shore up your AD defenses.
Five Cyber Agencies Sound Alarm About Active Directory Attacks: Beyond the Basics
November 21, 2024A landmark global report emphasizes 17 attack techniques against Microsoft Active Directory and cautions organizations to step up protections. In the second of our two-part series, we take you beyond the basics to highlight three key areas to focus on.
Volt Typhoon: What State and Local Government Officials Need to Know
November 19, 2024Increased activity from the state-sponsored threat group Volt Typhoon raises concerns about the cybersecurity of U.S. critical infrastructure. Here’s how you can identify potential exposures and attack paths.
- Nessus Network Monitor
- Passive Network Monitoring
- Personal security
- Podcast
- Vulnerability Scanning