RAME Communications, Inc.


Wireless Disaster Recovery Firewall Data Center Consolidation Vulnerability Assessment Audio/Video

Vulnerability Scanning

Implementing Nessus

Client Profile This New York State agency has over 50 servers in their primary data center. The recent additions to and reconfiguration of their network infrastructure led to security concerns related to operating system and application software vulnerabilities.

We performed a vulnerability assessment of their critical information technology resources including those exposed to the Internet through firewalls, those located in the DMZ, and those on the internal network.

The data for the assessment was collected using the Nessus vulnerability scanner including wrappers for the nmap port scanner and nikto web server scanner. This server configuration was included in the scope of the project, allowing the client to do routine scanning of its systems in the future.

While Nessus is a powerful tool for identifying system vulnerabilities, it generates a considerable amount of informational output that is not specifically relevant to identifying what actions to take as a result of the system scans. We filtered the Nessus output into a specific list of action items for the systems targeted in the scans.