Friday, January 09, 2004

rying Tenable's NeWT Security Scanner

After watching this TechTV piece on Tenable Security's new NeWT (Nessus Windows Technology) Security Scanner, I downloaded the trial version. It expires 31 Jan 04 and will scan the same class C address as the system on which it is run. I tried it on a Windows XP laptop with 384 MB RAM and a 1 GHz Pentium III CPU. It installed easily, accepting that I already had version 3.0 of WinPcap loaded.

Within minutes I was scanning one of the other systems on the same class C as my laptop. NeWT has a very "Windows Update" or Microsoft Baseline Security Analyzer feel to it. It's easy to configure and navigate, and the report results were clear.

NeWT is a Windows port of the Nessus engine. Currently the open source version of the Nessus server is UNIX-only, with clients for configuring scans available for Windows or UNIX. NeWT brings the power of Nessus to those preferring to scan from a Windows platform.

Tenable sells two versions of NeWT: one for $500, and one for $3000, with varying IP restrictions. Check out the NeWT home page for more information.