Vulnerability Tools Essay Example | Topics and Well Written Essays - 2500 words

Vulnerability Tools - Essay Examplenformation systems. Nessus is a alone-encompassing and open source security system scanner. Plug-in architecture allows users to customize it as per their systems and networks. The security scanner frequently updates itself and provides broad reporting, host scanning, and real-time exposure searches. Security audit features of Nessus are (Messmer, 2005) Credentialed and un-credentialed port scanning Network found vulnerability scanning Credentialed based patch audits for Windows and most Unix platforms Credentialed sort auditing of most Windows, Unix platforms Robust and comprehensive credentialed security testing of 3rd party applications such as iTunes, JAVA, Skype and Firefox Custom and embedded web application vulnerability testing SQL database configuration auditing Cisco Router configuration auditing Software enumeration on Unix and Windows Testing anti-virus installs for out-of date signatures and configuration errors A nonher popular and open source dickhead for vulnerability analysis is Wireshark. This tool, which was previously named as Ethereal, alike provides functionality for packet sniffing. A relatively easy GUI along with various filtering and sorting options makes this tool correct for non-savvy IT staff within organizations (Scalisi, 2010). Comparing Nessus and Wireshark Wireshark is considered to be at top of the list for network protocol analyzers. Wireshark not only provides vulnerability analysis, as its functionality can be resembled with tcpdump. It emphasizes protocols and represents data streams on the GUI. The major advantage that this tool has is the compatibility of operating systems, as it supports OS X, Windows, UNIX and Linux. Moreover, it also extensively supports Voice over IP that is a portentous option for the organization, as international and corporate organizations use VoIP for communication purposes to save cost and at the corresponding time deliver quality. Nessus, on the o ther hand, is used in more than 75,000 organizations around the globe and it is considered to be one of the worlds most popular vulnerability scanner (Ferguson, n.d.). However, the third version, i.e. version 3, has this instant been converted to a proprietary license as the scanning engine is still free and updates are also available after a week on a release. Relating with the Scenarios When Nessus is incorporated in a mountainous enterprise, most probably, a government organization such as Department of Defense (DOD) networks, it exit initiate a port scan and target the defined host or a network. afterward opening the port, it examines all the services that are running on the system or network and tests all the detected services against vulnerabilities defined in the Nessus vulnerability database (Kim, n.d.). As this tool can develop a testing platform for network resilience, the report generation is very comprehensive that is ideal for large enterprises. As it is an easy rem ote based vulnerability analysis tool, it can be best suited for large enterprises that are geographically dispersed in more than one continent