Nessus 2.2.9 review

Download
by rbytes.net on

Nessus project is the world's most popular open-source vulnerability scanner used in

License: GPL (GNU General Public License)
File size: 9152K
Developer: Tenable Network Security
0 stars award from rbytes.net

Nessus project is the world's most popular open-source vulnerability scanner used in over 75,000 organizations world-wide. Many of the world's largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

The "Nessus" Project was started by Renaud Deraison in 1998 to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner. Nessus is currently rated among the top products of its type throughout the security industry and is endorsed by professional information security organizations such as the SANS Institute. It is estimated that the Nessus scanner is used by 75,000 organizations world-wide.

In 2002, Renaud co-founded Tenable Network Security with Ron Gula, creator of the Dragon Intrusion Detection System and Jack Huffard. Tenable Network Security is the owner, sole developer and licensor for the Nessus Open-Source Scanner source code, the Nessus trademark and the nessus.org domain worldwide. Tenable is privately held and located in Columbia, MD.

Tenable delivers commercial enterprise network security products that perform unique distributed and dedicated vulnerability assessments of computer networks. Tenable offers software products which focus on three areas of security information management:

* Vulnerability Discovery and Management
* Security Event Management; and
* Executive and Technical Communication

Here are some key features of "Nessus":
A complete analysis of your security level

Up-to-date security vulnerability database

We mostly focus on the developement of security checks for recent security holes. Our security checks database is updated on a daily basis, and all the newest security checks are available here and can be retrieved with the command nessus-update-plugins. An RSS feed of all the newest security checks allows you to monitor which plugins are added and when.

Remote AND local security

Traditional network security scanners tend to focus on the services listening on the network - and only on these. Now that viruses and worms are propagating thanks to flaws in mail clients or web browsers, this conception of security is getting outdated.
Nessus 2.1 is the only security scanner out there which has the ability to detect the remote flaws of the hosts on your network, but their local flaws and missing patches as well - whether they are running Windows, Mac OS X or a Unix-like system.
Get the full picture - not just half of it. More information...

Elegant architecture

Extremely scalable

Nessus has been built so that it can easily scale down to a single CPU computer with low memory to a quad-CPUs monster with gigabytes of RAM. The more power you give to Nessus, the quicker it will scan your network.

Plug-ins

Each security test is written as an external plugin, written in NASL. This means that updating Nessus does not involve downloading untrusted binaries from the internet. Each NASL plugin can be read and modified, to better understand the results of a Nessus report.

NASL

The Nessus Security Scanner includes NASL, (Nessus Attack Scripting Language) a language designed to write security test easily and quickly. NASL plugins run in a contained environment on top of a virtual machine, thus making Nessus an extremely secure scanner.

Unique features

Smart service recognition

Nessus does not believe that the target hosts will respect the IANA assigned port numbers. This means that it will recognize a FTP server running on a non-standard port (ie: 31337), or a web server running on port 8080. Nessus is the first scanner on the market to have implemented this feature for all the security checks (and has been copied by many since then).

Multiples services

If a host runs the same service twice or more, Nessus will test all of them. Believe it or not, several scanners on the market still consider that a host can only run one server type at once.

Full SSL support

Nessus has the ability to test SSLized services such as https, smtps, imaps, and more. You can even supply Nessus with a certificate so that it can integrates into a PKI-fied environement. Once again, Nessus was one of the first security scanner on the market to provide this feature.

Non-destructive OR thorough

Nessus gives you the choice between performing a regular non-destructive security audit on a routinely basis, or to throw everything you can at a remote host to see how will it withstands attacks from intruders. Many scanners consider their users to be too inexperienced to make that kind of choice, and only offer them to perform "safe" checks.

Backed by the Open-Source community

The biggest user base

The most pessimistic computations, based on the number of downloads every day, give Nessus at least 50,000 users worldwide, but there might be even more - after all, Nessus is downloaded over 2,000 times every day !
Our huge user base allows us to get the best feedback regarding security checks - and therefore to offer security checks which are reliable, non destructive and not prone to false positives.

Proven maturity

The first public release of Nessus was in 1998. The technology behind it has been extensively tested and proven over time, on huge networks.

Nessus 2.2.9 keywords