Detections
Analytics
Tivoli Network Services Auditor (NSA) Scanner Detection (deprecated)
medium Nessus Network Monitor Plugin ID 3813
Synopsis
The remote host is running software that should be authorized with respect to corporate policy.Description
The remote host is running the Tivoli Network Services Auditor scanning software. This software is used to automate the scanning of network systems for known vulnerabilities. The presence of this scanner indicates that a group is scanning the network for vulnerabilities.Solution
Ensure that these scanners are authorized according to corporate policies and guidelines.See Also
http://domino.research.ibm.com/comm/research_projects.nsf/pages/gsal.GSAL-Watson.html