I also forgot to mention the equivalent check for UNIX installed
applications:
http://www.nessus.org/plugins/index.php?view=single&id=22869
This lists all installed applications via SSH, and on most UNIX distros,
this can be a lot.
Ron Gula
Ron Gula wrote:
> Hi there,
>
> You should consider:
>
> http://www.nessus.org/plugins/index.php?view=single&id=20811
>
> This enumerates all installed software on a windows platform. It doesn't
> discriminate between "clients" like Outlook, Mozilla or Trillian with
> regular applications like Google Earth, Power Point or Symantec Anti
> Virus. This plugin requires credentials as well. With the exception of
> some P2P software and applications like iTunes, there really isn't a
> good way to do a network scan without credentials and determine which
> client side applications are installed or in use.
>
> If you use the Passive Vulnerability Scanner:
>
> http://www.tenablesecurity.com/products/pvs.shtml
>
> It can produce an .nsr compatible list of "sniffed" information
> including very extensive client-side application data. These blog links
> can give you some idea of what it can do:
>
> Detecting Network Change during end-of-year freezes
> http://blog.tenablesecurity.com/2006/11/pvs_and_the_end.html
>
> Detecting Corporate Policy Violations
> http://blog.tenablesecurity.com/2006/11/using_pvs_to_de.html
>
> Detecting Proxy Firewalls
> http://blog.tenablesecurity.com/2006/10/proxyfirewall_d.html
>
> Detecting DNS Servers with "Recursion" Enabled
> http://blog.tenablesecurity.com/2006/08/helping_to_stop.html
>
> Ron Gula, CTO
> Tenable Network Security
>
>
> Asthana, Vishal wrote:
>> Hi,
>>
>>
>>
>> Is there any Nessus plugin that helps report Application names and
>> versions e.g. Internet Explorer, Yahoo, Firefox etc? There are
>> Application DETECTION plugins for the same but the post-scan operation
>> does not report the specific Application installed. It only reports FTP
>> Server, Web Server, Oracle Listener etc.
>>
>>
>>
>> I have already referred to the following old threads and ensured that
>> find_service.nes was part of the scan.
>>
>>
>>
>> http://mail.nessus.org/mailman/htdig/nessus/2004-February/msg00302.html
>>
>> http://mail.nessus.org/mailman/htdig/nessus/2004-February/msg00218.html
>>
>>
>>
>> I have also tried using Nmap scanner instead of the Nessus TCP scanner
>> with the same results.
>>
>> http://www.nessus.org/documentation/index.php?doc=nmap-usage
>>
>>
>>
>> Any pointers would be helpful.
>>
>>
>>
>> Thanks
>>
>> Vishal
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
|