Have you seen the new – OK, it’s not that new any more – version of LANguard (formerly LANguard Network Security Scanner)? It’s certainly a tool worth checking out if you do vulnerability scanning.
I’ve been using LANguard for years for share finding and authenticated scanning and it does both very well. The biggest change in the latest version is the user interface. I’ve never been a big fan and I’m still not, but I’m getting used to it. Many of the improvements in the latest version involve authenticated scans. The quick-view dashboard is a nice improvement and I really like the scan progress.
When performing untrusted/unauthenticated scans I’ve found that LANguard won’t find nearly the number of vulnerabilities than QualysGuard especially with regards to missing patch vulns that are exploitable via Metasploit. Hopefully that’ll continue to evolve. But it does a very good job with this during authenticated scans (as would be expected if you have login credentials).
I’m still waiting for the ability to test your authentication credentials like what Sunbelt Network Security Inspector offers – at least used to, haven’t used it lately. You have to plug in your credentials and hope that your login works. It’d also be nice to be able to sort through the network share finder results and filter based on permissions found (i.e. shares where Everyone has full access).
In the interest of getting you hooked on good tools, here’s a link to GFI’s free version of LANguard. Hope this helps!
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”