Contains a wide range of vulnerabilities across heterogeneous operating environments
Operating system detection
Disables modules not pertaining to specified operating systems when scanning hosts
Simultaneous scanning
Scans more than 100 hosts simultaneously
DNS checks for DNS servers running on heterogeneous platforms
Detects vulnerabilities to information disclosure, server corruption, and buffer overflows
FTP checks
Detects FTP server vulnerabilities such as write-able directories, illegal privilege escalation, unauthorized access to the server's file system, illegal execution and IP-level vulnerabilities
HTTP checks across UNIX and NT web servers, including Apache, NCSA, IIS, Netscape, WebSite, Microsoft Personal Webserver, WinGate, Winroute, Cold Fusion and Alibaba
Detects vulnerabilities in web server and proxy server software such as buffer overflows, CGI vulnerabilities and search engine vulnerabilities
Port scanning
Scans systems to obtain a complete list of TCP-based services
SMTP checks
Detects a wide range of sendmail vulnerabilities, and checks for other mail systems including Qmail, Mdaemon, and Majordomo
RPC checks
Detects vulnerabilities in Remote Procedure Call services associated with UNIX systems
Windows checks
Detects vulnerabilities in Windows 95, 98, NT and 2000 systems, such as NETBIOS, SMB, DCOM, registry, MDAC, Internet Explorer, user privileges, auditing, service pack and hotfix installation, third-party software checks and NT services (Alerter, Messenger, Remote Access, Network Monitor, PC Anywhere, Remote Desktop, and Simple TCP/IP)
Network device checks
Detects vulnerabilities in laser printers, routers, bridges and switches
Detailed, Flexible Reporting:
Feature
Benefit
Graphical summary report
Summarizes information in a graphical report with pie charts for different report categories (Complexity, Ease of Fix, Impact, Popularity, Risk Factor, Root Cause).
Report by complexity
Organizes results by the difficulty involved in exploiting a vulnerability (Low, Medium, High).
Report by ease of fix
Organizes results by the ease of fixing a vulnerability (Trivial, Simple, Moderate, Difficult, Infeasible).
Report by impact
Organizes results by the specific threat posed by a vulnerability (System Integrity, Confidentiality, Accountability, Data Integrity, Authorization, Availability, Intelligence).
Report by popularity
Organizes results by the likelihood that a vulnerability will be exploited (Obscure, Widespread, Popular).
Report by risk factor
Organizes results by the severity of the threat posed by a vulnerability (Low, Medium, High).
Report by root cause
Organizes results by the underlying cause of a vulnerability (Configuration, Implementation, Design).
