In computer security, Nessus is a proprietary comprehensive vulnerability scanning program. It is free of charge for personal use in a non-enterprise environment. Its goal is to detect potential vulnerabilities on the tested systems. For example:
- Vulnerabilities that allow a remote cracker to control or access sensitive data on a system.
- Misconfiguration (e.g. open mail relay, missing patches, etc).
- Default passwords, a few common passwords, and blank/absent passwords on some system accounts. Nessus can also call Hydra (an external tool) to launch a dictionary attack.
- Denials of service against the TCP/IP stack by using mangled packets
- Preparation for PCI DSS audits
On UNIX (including Mac OS X), it consists of nessusd, the Nessus daemon, which does the scanning, and nessus, the client, which controls scans and presents the vulnerability results to the user.
According to surveys done by sectools.org, Nessus is the world’s most popular vulnerability scanner, taking first place in the 2000, 2003, and 2006 security tools survey. Tenable estimates that it is used by over 75,000 organizations worldwide.
In typical operation, Nessus begins by doing a port scan with one of its four internal portscanners (or it can optionally use Amap or Nmap) to determine which ports are open on the target and then tries various exploits on the open ports. The vulnerability tests, available as subscriptions, are written in NASL (Nessus Attack Scripting Language), a scripting language optimized for custom network interaction.
Tenable Network Security produces several dozen new vulnerability checks (called plugins) each week, usually on a daily basis. These checks are available for free to the general public; commercial customers are not allowed to use this Home Feed any more. The Professional Feed (which is not free) also give access to support and additional scripts (audit and compliance tests…).
Optionally, the results of the scan can be reported in various formats, such as plain text, XML, HTML and LaTeX. The results can also be saved in a knowledge base for debugging. On UNIX, scanning can be automated through the use of a command-line client. There exist many different commercial, free and open source tools for both UNIX and Windows to manage individual or distributed Nessus scanners.
If the user chooses to do so (by disabling the option ‘safe checks’), some of Nessus’s vulnerability tests may try to cause vulnerable services or operating systems to crash. This lets a user test the resistance of a device before putting it in production.
Nessus provides additional functionality beyond testing for known network vulnerabilities. For instance, it can use Windows credentials to examine patch levels on computers running the Windows operating system, and can perform password auditing using dictionary and brute force methods. Nessus 3 and later can also audit systems to make sure they have been configured per a specific policy, such as the NSA’s guide for hardening Windows servers.
Q. What is included in the Nessus download?
A. When you download Nessus, you receive the Nessus 4.4 scanning engine (server) that includes a flash web-based client. To receive updates under either a ProfessionalFeed or HomeFeed, you will need to register your scanner.
Q. What OS platforms does Nessus have builds for?
A. Nessus 4.4 is available and supported for a variety of operating systems and platforms:
Debian 5 (i386 and x86-64)
Fedora Core 12, 13 and 14 (i386 and x86-64)
FreeBSD 8 (i386 and x86-64)
Mac OS X 10.4, 10.5 and 10.6 (i386, x86-64, ppc)
Red Hat ES 4 / CentOS 4 (i386)
Red Hat ES 5 / CentOS 5 / Oracle Linux 5 (i386 and x86-64)
Red Hat ES 6 / CentOS 6 (i386 and x86-64) [Server, Desktop, Workstation]
Solaris 10 (sparc)
SuSE 9.3 (i386)
SuSE 10.0 and 11 (i386 and x86-64)
Ubuntu 8.04, 9.10, 10.04 and 10.10 (i386 and x86-64)
Windows XP, Server 2003, Server 2008, Server 2008 R2, Vista and 7 (i386 and x86-64)
Q. What does Nessus 4.4 cost?
A. The Nessus 4.4 scanner is available as a free download.
Q. Where can I go for more information?
A. If you still have questions about Nessus 4.4, feel free to contact us, visit http://www.rustyice.co.uk/ or post to us via our contact link.