Vulnerability Assessment
Reconnaissance
OS scans
Scan Log
NESSUS Vs. Solaris
OS Scan Update: Redhat 8
Results for Redhats latest OS release, Redhat 8, have been completed and posted. Interestingly enough, this install has proven to be a solid OS from the eyes of NESSUS.
OS Scan Update: Windows XP and Windows XP SP1
Windows XP SP 1 and updated scan of Windows XP default have been added to the OS Scan project. This scan was performed using NESSUS 1.2.5.
OS Scan Update: Windows 2000 Server SP3
The results for Windows Server 2000 SP 3 are up. And again, Microsoft seems to have baffled the security world. Note the vulnerability found in the web server, that NESSUS recommends applying SP2 to fix?!?!?!
New Windows 2000 Server Scan updates
New scans of the OS Windows 2000 server were posted for your review. These scans were done with the latest NESSUS. In addition, we have included NMAP scans as well. Service Pack 3 scans will be following shortly. You will find more information on the OS Scan page!
Solaris 9 Default OS Scan Results
The new SOlaris 9 OS scan was the next target of the OS Scan project. An updated version of NESSUS was used and thus NESSUS's new reporting chart is displayed. Check out hte results here.
Windows ME Scan Results
We jsut completed the WIndows ME scan results are in!
NESSUS Vs. Solaris
I am comprising a paper on the OS Scan results found in Solaris 8. The paper, entitled "NESSUS Vs. Solaris", highlites the changes found before and after SUN's latest cluster patch.
REDHAT 7.2 Default Scan Results Complete
Linux seems to have this image of being the most secure OS on the market. So we took it to our test! The results can be found on the "OS Scan Test" page. This OS proved to be a challenge to our test. While we would like to remind you that this test should not be considered the "BOTTOM LINE", it did hold up better against NESSUS and NMAP than any other OS to date.
Windows XP Default Scan Results Complete
Due to the many request and emails we received, we are happy to announce that we have begun the Windows XP OS Scan. We installed Windows XP in it's default state and put it to our test. The results can be found on the "OS Scan Test" page. We plan on doing more testing of this OS and will be providing some in-depth coverage of XP's security soon.
Windows 2000 Server Scan Results Complete
Windows 2000 Server Scan Results are complete. We have complete NESSUS and NMAP scans of Windows 2000 pre-patch, SP1, SP2, and the Security Rollup Package. We are currently studying the results and will prepare an overview of the entire scan results on Windows 2000. The results can be found on the "OS Scan Test" page.
Windows 2000 Server Scan Results
Windows 2000 Server Scan Results are being prepared now. The first snapshot of Windows 2000 Default Install are up and can be found at the "OS Scan Test" page. The SP2 scan will be added in the next few days.
Windows NT 4 Server Scan Results
How secure is NT server 4 as a default install? How much better is it after Service Pack 6A? Check out the results on ourl "OS Scan Test".
OS Scan Test
The purpose of this study is to supply an answer to the following question:
"Which Operating System has more known Vulnerabilities with a default
install?" We also wanted to see how much the OS patches released
for it really helped. So we picked several of the more popular Operating
Systems and put them to the test. In this study, we will use Nmap version
2.54BETA 22 and Nessus 1.0.9 to scan Operating Systems installed with
default options and no additional patches or configurations. Then we will
scan them with the latest patches and compare the two scans. Read all
about it on our special "OS Scan
Test".
Recon paper is up!
The Reconnaissance paper I wrote highlights what the SANS GSEC course covers and additional information that we at Mrcorp.net find useful.