Once you’ve patched the vulnerability on all of the systems and services you’ve discovered, it can easily be re-introduced if someone installs a vulnerable application or embedded system that has not yet been patched (or an older version where the vulnerability exists). The vulnerability can present itself in any service which implements SSL, allowing it to exist in services other than HTTPS (port 443), including email, instant messenger, and many other common (and uncommon) services and applications While you can patch the vulnerability in your operating system, the vulnerable library can be built into the application, as it is with OpenVPN and other applications which must also be patched The vulnerability exists in the OpenSSL library, widely used by Linux operating systems, embedded systems and most applications implementing SSL encryption What could use more discussion is what it really takes to find all vulnerable systems in today's networks. The significance of CVE-2014-0160, aka Heartbleed, an attack against the transport layer security protocol (TLS/DTLS) heartbeat extension, is well documented. Tenable Products Provide Strategic Solutions Nessus provides multi-scanner support, scales to serve the largest organizations, and is easy to deploy on premise or in the Amazon Web Services (AWS) cloud.
With a continuously updated library of more than 60,000 plugins and the support of Tenable’s expert vulnerability research team, Nessus delivers accuracy to the marketplace. The versatile Nessus® vulnerability scanner provides patch, configuration, and compliance auditing mobile, malware, and botnet discovery sensitive data identification and many other features.
Nessus is a complete and very useful network vulnerability scanner which includes high-speed checks for thousands of the most commonly updated vulnerabilities, a wide variety of scanning options, an easy-to-use interface, and effective reporting.
0 kommentar(er)
