Top 15 Reasons Why Admins Use Security Scanners
I asked the NTSYSADMIN, Exchange, and Security List participants
for the reasons (in their own words) why they were running
security vulnerability scanners. These were interesting to see
actually. Although they all revolve around fixing holes, they are
quite varied. Here goes:
We are working hard to get our Sunbelt Network Security Inspector
into a total world-class scanner for a killer price. We scan
Windows machines now, but will show at Tech.Ed in May we also do
Scans by IP-range. There are other exciting features being added
later this year. This insanely cheap intro price per admin is not
going to last forever. SNSI was updated today, and the new
vulnerability checks for this release include 9 new Windows
checks, bringing the total Windows checks to 2162. New
- Am I sure that I have found all vulnerabilities in my network?
- Have I configured my network properly?
- Am I finding and closing security holes fast enough?
- How do I know which machines have a missing patch?
- Are we resistant enough to network-savvy viruses that spread via known exploits?
- Are we in compliance with HIPAA, Sarbanes-Oxley and other regulations?
- What have I missed in locking down a server or environment?
- Do I have my network perimeter and interior sufficiently protected?
- Have I identified and protected my network resources from external threats?
- Do I know which systems are now well protected?
- How vulnerable are we from the inside?
- How will I ever pass my IT Security Audits?
- How do I locate computers on my network, that are not within compliance?
- How do I report to Management that we have done all we could to lock down?
- How do I detect unknown and/or rogue devices/connections?
W2154 OpenSSH Buffer Management Error
W2155 OpenSSH PAM Vulnerability
W2156 OpenSSH Remote Challenge Vulnerability
W2157 OpenSSH sshd Buffer Overflow Vulnerability
W2158 Guest Logons Enabled in FTP
W2159 Rundll32.exe File Location Vulnerability
W2160 Mscnt.exe Detected
W2161 PCT 1.0 Protocol Not Disabled
W2162 DameWare vulnerability
In addition, there were improvements in the following checks:
W2146 SSL check
W2152 MHTML URL (Outlook Express) check
W2152 Microsoft Jet check
I suggest you check SNSI out, as you have the opportunity to
get in on the ground floor and buy it now. IP-Scanning will
be available soon, and you will be very pleasantly surprised
with the SNSI roadmap. Do not buy any other scanner until you
have looked at SNSI. The value cannot be beat. The eval is
here, you can test one machine right away and you can get a
full 30-day key from your Rep or Reseller. SPECIAL OFFER:
Install a FREE demo and get your own black "Hack My Network
and Die" T-shirt.
Spyware Emerges As New Online Threat
The MSNBC website has a good little article about spyware. The
world is waking up to this finally. Remember I started talking
about this more than a year ago. Here is a little blurb from
"WASHINGTON - Internet users have learned to keep
an eye out for viruses, worms and 'spam' e-mail. Add another
online hazard to the list: spyware.
Programs that hide in users' computers and secretly monitor
their activities are emerging as the next high-tech plague,
experts say. Spyware can sap computing power, crash machines
and bury users under a blizzard of unwanted ads. It can capture
passwords, credit-card numbers and other sensitive data."
Here is the article:
The PestPatrol people featured a Beta of a corporate spyware
solution at the SANS show. I saw the console that can do scans
for whole domains. Pretty cool and I suggest you start asking
budget for this. It's going to come up more and more. You can
test PestPatrol here, but keep in mind this version still relies
on scripting, it's not the console version yet!
Volume of SPAM Doubled in Past Two Years
According to a new landmark study conducted by IDC, "The True
Cost of SPAM and Value of Anti-SPAM Solutions", the surge in spam
poses a growing threat to productivity. IDC estimates that spam
represented 32% of all email sent on an average day in North
America in 2003, essentially doubling from 2001.
"Spam has become more than just a nuisance; it is quickly
becoming both a major productivity drain and potential legal
liability in organizations across the globe," said Mark Levitt,
research vice president for Collaborative Computing at IDC. "Spam
clogs networks, servers, and inboxes with unwanted and often
offensive content. The business impact of spam only grows more
serious as the volume of spam continues to rise."
Investing in anti-spam solutions yields a positive ROI and rapid
payback based upon the research conducted by IDC on the cost of
spam and the value of anti-spam solutions. Anti-spam solutions
have helped organizations save millions of dollars in lost email
user and IT staff productivity (see table).
Average Productivity Cost of Spam and Savings of Anti-Spam
Solutions for Average Firm with 5,000 Email Users
. Without With
. Anti-spam Anti-spam
. Solution Solution
. ---------- ----------
Daily time spent by each user 10 minutes 5 minutes
Average Annual (cost)/savings to firm ($4.1 million) $783,000
Daily time spent by each user 43 minutes 19 minutes
Average annual (cost)/savings to firm ($85,800) $13,000
Note: Other costs and benefits unrelated to productivity are not
included here. Source: IDC's The True Cost of SPAM and Value of
Anti-SPAM Solutions Study, 2004.
A recent poll of just under 4,000 small & medium businesses showed
that 80% of companies found that the spam floods caused lowered
productivity at work, but only 28% have an anti-spam solution in
place at the moment.
Run Exchange V5.5 and have not yet decided for an anti-spam tool?
The best-selling tool for Exchange is here now for V5.5 and you
do not pay a penny when you move to either Exchange 2000 or 2003.
There is no upgrade penalty!