Sunday, 16 January 2011

Nessus : a poweful vulnerabilty scanner

What is Nessus?
Nessus is a remote security scanning tool, which scans a computer and raises an alert if it discovers any vulnerabilities that malicious hackers could use to gain access to any computer you have connected to a network.  It does this by running over 1200 checks on a given computer, testing to see if any of these attacks could be used to break into the computer or otherwise harm it.

Nessus! It features major performance improvements, greater scalability and reduced memory usage.

Engine:
- Same engine on  windows and Unix:
     + Unified experience on all platforms
     + Consistant results across all platforms
(Previously, only the NASL engine was the same between Windows and Unix)
- Fully thread-based instead of being process based
- Better performance
- Better scalability
- Reduced memory usage
- Removed the remaining “.nes” plugins (written in C) entirely
- Many performance improvements to reduce CPU usage on all platforms
- Improved logging in nessusd.dump
Port scanners:
 - Port scanners can now be combined. ie: selecting the SYN scanner and the WMI ‘netstat’ port scanner will make Nessus try to log in via WMI to enumerate the ports first, then to fall back to the SYN scanner if that failed. Therefore, by default, when creating a new policy the WMI, netstat and snmp port enumerators are enabled by default in addition to the Nessus TCP scanner.
- The SYN scanner has been rewritten entirely and is the same between Windows and Linux.
If you are a ProfessionalFeed subscriber, then these changes apply exclusively to you.
 - The Database compliance checks can now log into MSSQL over SSL
 - The PCI-DSS plugins are out of beta
 - A native UDP port scanner is available to ProFeed users
 NASL:
 - Added support for Perl Compatible Regular Expressions (PCRE)
 - Scripts can now share results between different hosts via a global KB
 - New NASL functions (XML parsing, the bignum library, new packet forgery functions, new socket-related functions, and more)
 - Support for unsigned integers

  NessusClient:
 - Support for XLST transformations of the reports
 - It is now possible to export a .nessus file out of a filtered report
 - Linux: 64 bits build for all last-gen distributions
 - Unlimited number of filters in Win32 and Linux
 Linux:
 - No external libraries any more — no need to temper with /etc/ld.so.conf
 - Added support for the newest distributions (Debian 5, Fedora 10, etc…)
 - 64 bits build for all last-gen distributions
 - New “linux-generic32″ and “linux-generic64″ builds for recent unsupported distributions
 FreeBSD:
 - 64 bits build for FreeBSD 7
 Windows:
 - All the Unix command-line tools (nessus-fetch, ‘nessus’, nessuscmd), now run on Windows
 - New server manager GUI
 - The installer is now a .msi package
 - 64 bits build
 Mac OS X:
 - Fixed several memory leaks in the client
 - 64 bits build of the nessusd server
In one of its recent updates, the plugin #36036 can a network based check for Windows computers infected with a variant of the Conficker virus. The scan does not need credentials, but does require ports 445 or 139 to be open between the Nessus scanner and your scanned systems.

Download Nessus 4.4.0 here.

No comments:

Post a Comment