Mailing List Archive

ISA Proxy Scan
Hi,

We are about to run a VA scan on ISA 2006 proxy servers (deployed on
Windows 2003) in our environment. Please let us know the availability of
Nessus policies (plugins) to test the security of the underlying server
and the correctness of ISA setup and configuration.

Thanks in advance.

Kind Regards,
Vijay
Global Infosec Team
Cognizant India









This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information.
If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email or any action taken in reliance on this e-mail is strictly prohibited and may be unlawful.
Re: ISA Proxy Scan [ In reply to ]
Vijay.V2@cognizant.com wrote:
> Hi,
>
> We are about to run a VA scan on ISA 2006 proxy servers (deployed on
> Windows 2003) in our environment. Please let us know the availability of
> Nessus policies (plugins) to test the security of the underlying server
> and the correctness of ISA setup and configuration.
>
> Thanks in advance.
>
> Kind Regards,
> Vijay
> Global Infosec Team
> Cognizant India
>

Hi Vijay,

If you go to http://www.nessus.org/plugins/index.php you can search the
Nessus plugins that are available. Typing in "ISA" there were several hits
for for Microsoft ISA vulnerabilities.

I suggest that you perform a full credentialed audit of the ISA firewall
to see what ports are open, what OS patches could be needed and to see
if there are any other types of software installed that could be vulnerable.

Also, since you mentioned configuration, if you are referring to a Nessus
.audit policy for ISA firewalls, this is not something we've developed or
currently working on at Tenable. If you write an audit policy for ISA
firewalls and want to share it with other Nessus Profession Feed subscribers,
I suggest you post it to the Discussions forum located here:

https://discussions.nessus.org/index.jspa

Ron Gula
Tenable Network Security












_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus