<div dir="ltr">I would agree Nessus will do this if you do a credentialed scan and it's a really great tool to have in your arsenal anyway - if you are not currently doing regular VA's you should because things change and new vulns come to light all the time.<div><br></div><div>Dont overlook Microsofts MSBSA (<a href="https://www.microsoft.com/en-us/download/details.aspx?id=7558">https://www.microsoft.com/en-us/download/details.aspx?id=7558</a>) it will do most of what you are asking for free.  <div><br></div><div>There are also the CIS benchmarking tools, but these probably go above and beyond what you are asking.<div>The other thing worth checking out is a tool called PAWS Studio (<a href="https://www.titania.com/products/paws-studio">https://www.titania.com/products/paws-studio</a>) from Titania (who make Nipper) it is primarily targeted at US Federal compliance requirements, but there is a free trial, so you can give it shot and see if it meets your needs.</div></div></div><div><br></div><div>Eric</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 13 April 2016 at 11:34, Tim Raphael <span dir="ltr"><<a href="mailto:raphael.timothy@gmail.com" target="_blank">raphael.timothy@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div>I’ve heard very good things about Nessus: <a href="http://www.tenable.com/products/nessus-vulnerability-scanner" target="_blank">http://www.tenable.com/products/nessus-vulnerability-scanner</a></div><div><br></div><div>It can do an awful lot and produces some very nice reports.</div><div><br></div><div>- Tim</div><div><br></div><br><div><blockquote type="cite"><div><div class="h5"><div>On 13 Apr 2016, at 9:25 AM, <a href="mailto:paul+ausnog@oxygennetworks.com.au" target="_blank">paul+ausnog@oxygennetworks.com.au</a> wrote:</div><br></div></div><div><div><div class="h5"><div style="font-family:Helvetica;font-size:12px;font-style:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><div style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif">Hi All, we are looking for a decent security audit tool for Windows servers which we can run against customer servers both in the DC and in the field.<u></u><u></u></div><div style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"><u></u> <u></u></div><div style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif">We are looking for something that can audit account policies, file system security, and generally determine if the system is secure and doesn’t have any blank passwords, open shares, that sort of thing.<u></u><u></u></div><div style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"><u></u> <u></u></div><div style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif">We would probably be charging for the audit so don’t mind paying a reasonable amount for good software which can produce a decent report, open source would be great but I realise that finding something good would probably mean spending some decent coin.<u></u><u></u></div><div style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"><u></u> <u></u></div><div style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif">Any suggestions would be appreciated.<u></u><u></u></div><div style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"><u></u> <u></u></div><div style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif">Thanks<u></u><u></u></div><div style="margin:0cm 0cm 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif">Paul<u></u><u></u></div></div></div></div><span style="font-family:Helvetica;font-size:12px;font-style:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;float:none;display:inline!important">_______________________________________________</span><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="font-family:Helvetica;font-size:12px;font-style:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;float:none;display:inline!important">AusNOG mailing list</span><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><a href="mailto:AusNOG@lists.ausnog.net" style="color:purple;text-decoration:underline;font-family:Helvetica;font-size:12px;font-style:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px" target="_blank">AusNOG@lists.ausnog.net</a><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><a href="http://lists.ausnog.net/mailman/listinfo/ausnog" style="color:purple;text-decoration:underline;font-family:Helvetica;font-size:12px;font-style:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a></div></blockquote></div><br></div><br>_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
<br></blockquote></div><br></div>