ScanFi

 

SecureCentral(tm) has released ScanFi, an automated vulnerability scanner. Both commercial and free versions are available.

 

ScanFi has been designed to carry out the following:

  • Non-intrusively scans your enterprise network.

  • Provides a detailed inventory of your network assets.

  • Identifies network devices that are (possibly) open to known vulnerabilities.

  • Remediates vulnerable systems by deploying missing patches and service packs.

  • Provides detailed reports of the scan.

  • Schedules scans as and when required.

  • Cross-platform scanning, i.e. Microsoft Windows and Linux.

Note: the first point is arguable, since ScanFi employs nmap for its port scan and other scanning techniques to gather its results.

 

ScanFi is web-based, with a MySQL backend that stores scan results, produces the reports, and allows full queries to be carried out against the on-board patch and vulnerability database.

 

ScanFi supports vulnerability assessments for the following systems and services, each of which can be selected individually as a scan target:

 

Web Servers
Database Servers
Application Servers
RPC Services
CGI Scripts
FTP
DNS
POP3
SNMP
SMTP
IMAP
SSH
SSL
Proxy Servers
UDP
TCP/IP
Registry
User Accounts
DoS Vulnerabilities
SQL Injection Vulnerabilities
Trojans and Viruses
Switches
Routers
Windows
Linux
VPNs

 

It is available from here.

 

Usage:

 

To carry out a basic scan, log in as admin (the default password is also admin; change it before the console is reachable from the rest of the network). You are then presented with the scan screen.

 

  • Click New Scan.

  • Insert a scan name.

  • Under Scan Inputs, insert a host, an IP range or an asset group.

  • Click on Vulnerability Group and select the type of scan you want to perform, i.e. complete, database servers, etc.

  • Click on Windows Credentials, then Manage, insert the known credentials, and select them from the drop-down box.

  • Click Scan.

 

 

A complete scan carried out against a Windows 2003 SP1 server with Oracle 10gR2 installed took approximately 10 minutes; a large number of individual checks are carried out during the scan.

A number of different result formats are available.

The report is produced in HTML format, with the option to output to PDF.

 

 

The report is very detailed and can be described as a cross between the output of Nessus and that of the GFI LANguard scanner.

 

Evaluation:

 

This product is very sound and has a number of excellent characteristics, in particular the vulnerability knowledge base with full CVE references, the patch knowledge base, and the reporting facilities. The one let-down was on the application side: the host tested had a default install of Oracle 10gR2, yet only a couple of issues were reported, so you would still need a database-specific tool for that element of the test. It was also a little slow.
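The Oracle result above is worth understanding rather than just noting. A network scanner of this type turns the port/version scan into findings by matching each discovered service banner against its knowledge base of advisories, keyed on product and affected version range. A fresh install on a current build therefore produces few or no banner matches, and weaknesses that are a matter of configuration rather than version (default accounts, unneeded listeners) never surface. The toy matcher below is an added illustration written for this page; it is not ScanFi code, and every host, banner and advisory in it is constructed, with placeholder references rather than real CVE numbers.

```python
"""Toy banner-to-advisory matcher (added illustration, not ScanFi code).

Shows the mechanism a network vulnerability scanner uses to produce
findings from a service scan, and the gap it leaves: a default install
of a current database version yields no banner match at all.

All hosts, banners and advisories are constructed for the example; the
advisory references are placeholders, not real CVE identifiers.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Advisory:
    ref: str             # placeholder identifier, not a real CVE
    product: str         # product name as it appears in banners
    affected_below: str  # versions strictly below this are affected
    summary: str


# Constructed knowledge base (placeholder entries).
KNOWLEDGE_BASE = [
    Advisory("EXAMPLE-0001", "OpenSSH", "4.4", "remote DoS in older releases"),
    Advisory("EXAMPLE-0002", "vsftpd", "2.0.5", "information disclosure"),
    Advisory("EXAMPLE-0003", "Oracle TNS Listener", "10.2.0.1", "listener issue"),
]

# "<product><sep><version>": product may contain spaces, dots and dashes;
# the separator before the version is a space, slash or underscore.
BANNER_RE = re.compile(
    r"^(?P<product>[A-Za-z][\w .-]*?)[ /_](?P<version>\d+(?:\.\d+)*)"
)


def parse_version(text: str) -> tuple:
    """'10.2.0.1' -> (10, 2, 0, 1); tuples compare component-wise."""
    return tuple(int(part) for part in text.split("."))


def parse_banner(banner: str):
    """Split a banner into (product, version tuple); None if no version."""
    m = BANNER_RE.match(banner)
    if not m:
        return None
    return m.group("product"), parse_version(m.group("version"))


def match_service(banner: str) -> list:
    """Return advisory refs whose product matches and whose fix is newer."""
    parsed = parse_banner(banner)
    if parsed is None:
        return []
    product, version = parsed
    return [
        adv.ref
        for adv in KNOWLEDGE_BASE
        if adv.product.lower() == product.lower()
        and version < parse_version(adv.affected_below)
    ]


def scan_host(services: dict) -> dict:
    """services maps port -> banner; returns port -> list of advisory refs."""
    return {port: match_service(banner) for port, banner in services.items()}


# Constructed scan output for two hosts (not real captures).
OLD_LINUX_HOST = {22: "OpenSSH_4.3p2 Debian-9", 21: "vsftpd 2.0.1"}
DEFAULT_ORACLE_HOST = {1521: "Oracle TNS Listener 10.2.0.1.0", 22: "OpenSSH_4.7p1"}


if __name__ == "__main__":
    for name, services in (("old-linux", OLD_LINUX_HOST),
                           ("oracle-default", DEFAULT_ORACLE_HOST)):
        findings = scan_host(services)
        hits = sum(len(refs) for refs in findings.values())
        print(f"{name}: {hits} banner-matched finding(s): {findings}")
```

The old Linux host gets two findings because both banners sit below the fixed version in the knowledge base. The Oracle host gets none: 10.2.0.1.0 is not below 10.2.0.1, and nothing in a version string says whether the default accounts are still enabled. That is exactly why a database-specific audit is still needed after a scan of this kind.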

 

  © VulnerabilityAssessment.co.uk            Wednesday May 09, 2007