tinyapps.org / blog


Scan local Mac for known vulnerabilities

Scouring the web for a macOS analog of Windows Exploit Suggester - Next Generation (WES-NG) (mentioned recently), I stumbled onto Howard Oakley's "Scanning your Macs for security problems with Nessus".

Agreeing wholeheartedly with his assessment ("Installation is a bit fiddly and left me with a feeling of discomfort. The installer which you download is but the start of the process: this eventually takes you through to the Nessus web interface, which then downloads further and unspecified packages and installs them somewhere. For a security tool this is worryingly opaque and obfuscated, and I cannot see any convincing reason for having to do it that way."), I opted to install Nessus in a virtualized instance of the target Mac and run it against just 127.0.0.1 to find known vulnerabilities.

As Howard observes, the Basic Network Scan is anything but:

[Image: Nessus scan results]

/mac | May 09, 2019

