NetRecon
Category: Vulnerability Scanners
Website: N/A
Manufacturer: Axent
Operating System: Unix, Linux, Windows
Description:
NetRecon is a non-intrusive network scanner that doesn't rely on a client-side agent to assist in the scan process. It can scan for a wide-range of vulnerabilities using a fingerprint database that is update regularly and automatically pushed to be used in future scans. In many ways NetRecon is average among the pack of vulnerability scanners with only one key feature, Progessive Scanning, that really sets it apart. Progressive Scanning learns from weaknesses it finds during a scan and will try related attacks on other systems once a vulnerability has been found anywhere on the network. For instance a weak password found on one server will be attempted on all other servers to see if they also exhibit the same weakness. Unfortunately the Progressive Scanning feature also appears to get NetRecon into trouble upping its share of false positives and confusing results.
Strengths:
· Supports a wide range of operating systems, networks, and protocols
· Simple, easy to use UI
· Firewall configuration scanning
· Reporting is complete and flexible, allowing you to target technical or executive audiences
Weaknesses:
· False positives
· Doesn't id as many vulnerabilities as the best scanners
· No scheduler
Target:
Any machine that has a public IP
Mitigation/Recommendation:
patched and updated machine
Price:
$1995 per subnet
Penetration (5):
Medium Largely unknown, expensive
Simplicity (8):
Beginner Requires very little skill to use for information gathering; scanning is automated and returns with a set of attack vectors a hacker could use on each ip address scanned. It takes moderate skill to turn a scanned vulnerability into a real exploit, though each vulnerability contains references for more information that could be used to formulate an attack. Script kiddies would have to spend time searching for an already built exploit. A real hacker should be able to build an exploit just with the information given. False positives will slow down the process but don't mitigate the fact that many real vulnerabilities will be in the scan report.
Damage Potential (1):
Minimal Data Gathering Only