- This topic has 6 replies, 6 voices, and was last updated 8 years, 9 months ago by
Triban.
-
AuthorPosts
-
-
May 8, 2012 at 12:02 pm #7572
maddy
ParticipantHi,
Since i am scaning with nessus tool more than 15000 machines on which i am finding more than 200+ different vulnerabilities. Since i filtered False positive i m finding nearlt 190 odd vulnerabilities.
Looking for some automate tools to fix the Nessus reported vulnerabilities remotely.thanks in Advance
-
May 8, 2012 at 12:26 pm #47262
dynamik
ParticipantCan you provide any more details, even at a high level (i.e. OS patches, client-side software, OS configuration, etc.)? The types of operating systems would help too since tools and techniques will likely differ between Windows and *nix. Any recommendations are going to depend a great deal on those details.
-
May 8, 2012 at 11:23 pm #47263
idr0p
ParticipantYou can use SCCM to do patch management. There is also Dell Kace and other tools where a “agent” on the system will issue the updates accordingly.
-
May 9, 2012 at 11:18 am #47264
maddy
ParticipantHi,
there are vulnerabilities related to settings as well, related to MS patches taken care by Remote deployment tool.
Pls find the attached for the details of vuln reported
Wondering for the setting issues. -
May 9, 2012 at 4:01 pm #47265
unicityd
ParticipantMost of those problems will need to be fixed manually. The list you posted includes multiple applications on multiple operating systems. There’s no one script or tool that you can use to fix them all.
-
May 9, 2012 at 6:32 pm #47266
cd1zz
ParticipantSounds like you just need centralized patch management. A lot of those vulns are from missing patches. You might just have a few separate ones, like centralized YUM for example.
-
May 11, 2012 at 2:27 pm #47267
Triban
ParticipantHow big is the environment? If it is under 3000 IPs then you can look at something like GFI LANguard, this does vulnerability scanning with patch management. Supports multi-platform and 3rd party applications I believe (from last time I worked with it). Another option is Dell Kace appliance. I’ve worked with this as well. This supports Mac, Linux and Windows. along with support for 3rd parties, you can create custom install scripts for apps that may not be in their library. Similar to using GPO but I found it to be much cleaner, and again, it supports multiple platforms. I think they are even moving into mobile support for iPads and other types of tablet devices. It works as a decent inventory tool as well.
-
-
AuthorPosts
- You must be logged in to reply to this topic.