Tenable Blog

Tenable is pleased to announce the official release of the Nessus Android app! The application can be downloaded for free from the Android Market and contains the following features:

• Connect to a Nessus server (4.2 or greater)
• Launch existing scans on the server
• Start, stop or pause running scans
• Create and execute new scans and scan templates
• View and filter reports

I was recently talking to my good friend Ed Skoudis about computer security incident response. An interesting question he asks organizations that are in "incident response" mode is, "Do you run PsExec?" PsExec is part of the Windows Sysinternals’ suite of tools and implements a service that allows users to administer Windows systems remotely using the command line. More information can be found on the PsExec download page. It also contains functionality described as:

"PsExec's most powerful uses include launching interactive command-prompts on remote systems and remote-enabling tools like ipconfig that otherwise do not have the ability to show information about remote systems."

Tenable’s 3D Tool v2.0 is a Windows application that queries data from a SecurityCenter 4 server and presents it in an interactive visual console to facilitate presentations and security analysis.

It can help better communicate different types of information available in SecurityCenter, such as:

• Nessus vulnerability data


• Network topologies


• PVS data, including passively discovered vulnerabilities, network connections and new network devices


• Event data discovered and normalized by the Log Correlation Engine (LCE), including intrusion detection, firewall, NetFlow and syslog data

For more information, see Ron Gula's post to the Nessus Discussion Portal titled "3D Tool Creation and Walk-Through" (login required).

The following screenshot shows hosts on the network and their operating system type:

If You Are Using WINS, You Are Not WINNING

WINS, or Windows Internet Name Service exists so that NetBIOS hosts can communicate with TCP/IP hosts. Wait, did we just step into the network protocol time machine? In fact, we did! NetBIOS was developed for IBM in 1983 by a company called Sytec, and later adopted by Microsoft (See "Understanding NetBIOS and Windows Server 2003" for more historical information on our journey back in time). So the big question remains, why are people still running WINS and/or NetBIOS? My guess is that a vendor provided you a solution, stuck you with an operating system that is old and outdated, and now you’re stuck maintaining the application and operating system (refer to Rafal Los's great post: Supporting "Unmaintainable" Applications).

Any time you can enable yourself to rid the network and systems of old protocols, it’s a win for security. The harder part is ridding your network of the things that rely on those protocols. Once you get there however, not only will you have a network that is easier to maintain (lets face it, WINS was one more thing to go wrong with Windows networking), it will be slightly more secure as well.

MS11-035 addresses a privately reported, remotely exploitable, vulnerability in WINS, as if the attackers need something else they "could" exploit.

The Tenable research team recently published a few new plugins that contribute to how Nessus performs OS identification. When scanning devices and systems I am always amazed at how many different services will hint at, or even flat out reveal, the operating system and version.

OS Identification : HNAP

HNAP is the Home Network Administration Protocol developed by Cisco Systems. It is designed to allow remote support personnel to manage devices on users networks using a SOAP-based protocol. An unfortunate side-effect is the information being leaked across the network that can be accessed without authentication. A new plugin was developed to collect this information and use it to determine the remote operating system: