Product Reviews

How Secure is Your Network? CIS

Seven network scanners test your security before the crackers do.

• By Greg Saoutine
• 09/01/2001

Cerberus, as opposed to other port scanners mentioned in this article, doesn't perform a plain port scan. Instead, Cerberus checks the target system for vulnerabilities listed in its database. The database can be updated in real-time from the vendor's Web site (recently, the product pages have been co-hosted by security consulting firm @Stake). Vulnerabilities pertaining to the Web service, FTP and NetBIOS (among others) are checked by this tool.

Cerebus reports vulnerabilities on a custom HTML page, with links to vendor sites and software fixes. Other locations show where the problem was found on the Web server being tested. (Click image to view larger version.)

It provided an excellent (better than some of the commercial products) assessment of the Web server (IIS 5.0). It also found NetBIOS and FTP vulnerabilities, just as Nessus and ISS did. However, its vulnerability database in general is quite small compared to the commercial products and Nessus. @Stake is planning on expanding this database, and it soon could be well worth your attention, especially as a free tool.