Nessus Security Scanner
According to the popular consensus, Nessus is by far among the best choices of vulnerability scanners. What’s more, it’s part of the Gnu’s Not Unix (GNU) General
Public License (GPL) and can therefore be obtained and utilized at no charge.
The following are some of the features of Nessus:
Public License (GPL) and can therefore be obtained and utilized at no charge.
The following are some of the features of Nessus:
Plugin Architecture
Each security test is written as an external plugin. This
means that you can easily add your own tests without having to read the code
of the nessusd engine.
means that you can easily add your own tests without having to read the code
of the nessusd engine.
Nessus Attack Scripting Language.
Nessus Security Scanner includes Nessus
Attack Scripting Language (NASL), a language designed to write security tests
easily and quickly. (Security checks can also be written in the C programming
language.)
Attack Scripting Language (NASL), a language designed to write security tests
easily and quickly. (Security checks can also be written in the C programming
language.)
Up-to-Date Security Vulnerability Database.
Nessus focuses mostly on the
development of security checks for recent security holes.
development of security checks for recent security holes.
Client/Server Architecture.
Nessus Security Scanner is made up of two parts:
a server, which performs the attacks, and a client, which is the front end. You
can run the server and the client on different systems. That is, you can audit
your whole network from your personal computer, whereas the server performs
its attacks from the mainframe, which is “upstairs.” There are three clients: one
for X11, one for Win32, and one written in Java.
a server, which performs the attacks, and a client, which is the front end. You
can run the server and the client on different systems. That is, you can audit
your whole network from your personal computer, whereas the server performs
its attacks from the mainframe, which is “upstairs.” There are three clients: one
for X11, one for Win32, and one written in Java.
Test Capability on an Unlimited Number of Hosts Simultaneously.
Depending on the power of the station on which you run the Nessus server, you can test 2,
10, or 40 hosts at the same time.
10, or 40 hosts at the same time.
Smart Service Recognition.
Nessus does not believe that target hosts will respect
the Internet Assigned Numbers Authority (IANA) port numbers. This means
that Nessus will recognize an FTP server running on a nonstandard port (say,
31337) or a Web server running on port 8080.
the Internet Assigned Numbers Authority (IANA) port numbers. This means
that Nessus will recognize an FTP server running on a nonstandard port (say,
31337) or a Web server running on port 8080.
Multiples Services.
Imagine that you run two or more Web servers on your
host—one on port 80, the other on port 8080. Nessus will test the security of
both ports.
host—one on port 80, the other on port 8080. Nessus will test the security of
both ports.
Cooperation Tests.
The security tests performed by Nessus cooperate so that
nothing useless is made. If your FTP server does not offer anonymous logins,
then anonymous-related security checks will not be performed.
nothing useless is made. If your FTP server does not offer anonymous logins,
then anonymous-related security checks will not be performed.
Cracker Behavior.
Nessus does not trust that version x.y.z of a given software
is immune to a security problem. Ninety-five percent of the security checks will
actually perform their job, so you should try to overflow your buffers, relay
some mails, and even crash your computer!
Complete Reports. Nessus will not only tell you what’s wrong on your network,
but will, most of the time, tell you how to prevent crackers from exploiting the
security holes found and will give you the risk level, from low to very high, of
each problem found.
Exportable Reports. The Unix client can export Nessus reports as ASCII text,
LaTeX, HTML, “spiffy” HTML , and an easy-to-parse
file format.
is immune to a security problem. Ninety-five percent of the security checks will
actually perform their job, so you should try to overflow your buffers, relay
some mails, and even crash your computer!
Complete Reports. Nessus will not only tell you what’s wrong on your network,
but will, most of the time, tell you how to prevent crackers from exploiting the
security holes found and will give you the risk level, from low to very high, of
each problem found.
Exportable Reports. The Unix client can export Nessus reports as ASCII text,
LaTeX, HTML, “spiffy” HTML , and an easy-to-parse
file format.
Full SSL Support. Nessus has the capability to test Secure Socket Layer (SSL)-
ized services, such as HTTPs, SMTPs, and IMAPs. You can even supply Nessus
with a certificate so that it can integrate into a public key infrastructure (PKI).
Smart Plugins. Nessus will determine which plugins should or should
not be launched against the remote host . This option is called optimizations.
Nondestructive. If you don’t want to risk bringing down services on
your network, you can enable the “safe checks” option of Nessus, which will
make Nessus rely on banners rather than exploit real flaws to determine
whether a vulnerability is present.
No comments:
Post a Comment