I have found Shadow Security Scan to be very helpful. www.safety-lab.com I have tried a lot of other assessment scanners and found the above to be well rounded and has worked well. I have tried Typhon II, Net IQ, Retina, and others. The security scanner from safety labs was around $100 and performed either better or comparable to the rest.
You can use HFNETCHK to check for latest Microsoft patches as well. If anyone uses any other scanners, I would be interested in knowing which other ones work well. -Nick -----Original Message----- From: Kevin Bachelder [mailto:kbachelder@;mindspring.com] Sent: Thursday, October 03, 2002 2:10 PM To: [EMAIL PROTECTED] Subject: Vulnerability Assessment Software and/or Services Hi everyone, We are a small company with a single web server and a few NT/2000 servers. I am looking for recommendations on what software or service to use to do vulnerability scans/assessments so I can be sure I am keeping up with all my patches and configuration changes, etc. I don't have much of a budget so I am looking for products geared towards smaller companies. I have tried the QualysGuard service from Qualys and also looked at N-Stealth from N-Stalker but would love to know what others recommend. Thanks in advance, Kevin ------------------ Kevin Bachelder Microsoft Certified Systems Engineer - Windows NT 4.0 (MCSE) Microsoft Certified Professional - Windows 2000 (MCP) Citrix Certified Administrator (CCA) CompTIA A+ Certified Computer Repair Technician (A+)