Nessus
Current Version: 4.2.2 (April 16, 2010)
The "Nessus" Project was started by Renaud Deraison in 1998 to provide the internet community with a free, powerful, up-to-date and easy-to-use remote security scanner. Nessus is currently rated among the top products of its type throughout the security industry and is endorsed by professional information security organizations such as the SANS Institute. It is estimated that the Nessus scanner is used by 75,000 organizations worldwide.
Features include:
- Up-to-date security vulnerability database - Nessus mostly focuses on the development of security checks for recent security holes. Its security checks database is updated on a daily basis, and all the newest security checks are available here and can be retrieved with the command nessus-update-plugins. An RSS feed of all the newest security checks allows you to monitor which plugins are added and when.
- Remote AND local security - Traditional network security scanners tend to focus on the services listening on the network - and only on these. Now that viruses and worms are propagating thanks to flaws in mail clients or web browsers, this conception of security is getting outdated. Nessus has the ability to detect not only the remote flaws of the hosts on your network, but their local flaws and missing patches as well - whether they are running Windows, Mac OS X or a Unix-like system.
- Extremely scalable - Nessus has been built so that it can easily scale from a single-CPU computer with low memory up to a quad-CPU monster with gigabytes of RAM. The more power you give to Nessus, the quicker it will scan your network.
- Plug-ins - Each security test is written as an external plugin, written in NASL (see below). This means that updating Nessus does not involve downloading untrusted binaries from the internet. Each NASL plugin can be read and modified, to better understand the results of a Nessus report.
- NASL - The Nessus Security Scanner includes NASL (Nessus Attack Scripting Language), a language designed for writing security tests easily and quickly. NASL plugins run in a contained environment on top of a virtual machine, thus making Nessus an extremely secure scanner.
Nessus for Mac OS X is not just a port of the Unix server to the Mac environment; it also bundles a native interface to manage the server and the client. The Mac OS X Nessus Client sports the following features:
- Session-based - A 'session' is a set of targets, policies and results. A session may contain multiple scan results.
- File-based - Each session is stored as a unique file on disk. This file can then be easily moved around to another host by email, ftp, etc.
- Multiple scans in parallel - You can create multiple sessions in parallel (File | New) and each session can perform a scan.
- Real-time results - The results can be viewed and worked on in real time.
- Universal Binary - Nessus for Mac OS X natively runs on PPC and Intel CPUs.
Nessus 4.2.2 makes the following changes:
- Nessus-fetch: Proxy issues have been resolved
- NASL: Fixed a memory leak in the NASL xmlparse() function
- Networking: Fixed IPv6 routing when talking to a remote host (FreeBSD, Mac OS X)
- Networking: Packet forgery was not always working on ES5 64 bits
- Packaging: Fixed the Debian /etc/rc init script
- Packaging: Upgraded OpenSSL to version 0.9.8n (Windows, Solaris)
- Stability: Fixed a possible crash when using a badly written custom plugin
- Stability: Fixed a possible crash when running out of BPFs on Windows
The detailed change log has more information.
The Nessus software itself is free, and 7-day delayed access to vulnerability checks is also available for free to all registered users. "Instant" access to these vulnerability checks - as well as full commercial support - is available under a $1,200 annual subscription agreement. See the Nessus registration page for further details.