
Saturday, March 26, 2011

The best vulnerability scanner software and assessment tool: Nessus


Nessus is a free, easy to use remote security scanner built as a client-server application. The scanning engine is hosted on a server (typically a Unix server), where the software can be kept up-to-date, and it scans any system, whether it runs Windows, Mac OS or Unix/Linux. A client-server application such as Nessus makes it possible to maintain one easily-updatable installation on a server and make it accessible to as many clients as desired. Nessus also "doesn't take anything for granted" (nessus.org): no matter how your server or workstation is set up or what operating system it uses, it will scan for security vulnerabilities. For example, say your web server is serving a site on port 8080 instead of the regular port 80. Nessus will scan all open ports, regardless of common default settings.

Nessus was a popular free and open source vulnerability scanner until Tenable closed the source code in 2005 and removed the free "registered feed" version in 2008. A limited "Home Feed" is still available, though it is only licensed for home network use. Some people avoid paying by violating the "Home Feed" license, or by avoiding feeds entirely and using just the plugins included with each release. But for most users, the cost has increased from free to $1200/year. Despite this, Nessus is still the best UNIX vulnerability scanner available and among the best to run on Windows. Nessus is constantly updated, with more than 20,000 plugins. Key features include remote and local (authenticated) security checks, a client/server architecture with a GTK graphical interface, and an embedded scripting language (NASL) for writing your own plugins or understanding the existing ones.

Tenable Network Security provides a suite of solutions that unify real-time vulnerability, event and compliance monitoring into a single, role-based interface for administrators, auditors and risk managers to evaluate, communicate and report the information needed for effective decision making and systems management.

Every audit in Nessus is coded as a plugin: a simple program which checks for a given flaw. There are currently 34060 different plugins used by Nessus, covering local and remote flaws.

For all Nessus Plugins: CLICK HERE

For Demonstration Videos of Nessus: CLICK HERE

For all Nessus documentation: CLICK HERE

To Download Free Nessus 4.2.0: CLICK HERE

Nessus Frequently Asked Questions (FAQ)

Q. What is included in the Nessus download?

A. When you download Nessus, you receive the Nessus 4.2 scanning engine (server), which includes a Flash web-based client. To receive updates from Tenable under either a ProfessionalFeed or HomeFeed, you will need to register your scanner with Tenable through Nessus.org.

Q. What OS platforms does Nessus have builds for?

A. Nessus 4.2 is available and supported for a variety of operating systems and platforms:

Red Hat ES 4 (i386) and ES 5 (i386 and x86-64)
Fedora Core 10 (i386 and x86-64) [Compatible with Fedora 9]
Fedora Core 11 (i586 and x86-64)
Fedora Core 12 (i586 and x86-64)
Debian 5 (i386 and x86-64)
FreeBSD 7 (i386 and x86-64)
Ubuntu 8.04 (i386 and x86-64)
Ubuntu 8.10 (i386 and x86-64)
Ubuntu 9.10 (i386 and x86-64)
Mac OS X 10.4/10.5 (i386, x86-64, ppc)
Windows XP, Server 2003, Server 2008, Vista and 7 (i386 and x86-64)
SuSE 9.3 (i386)
SuSE 10.0 (i386 and x86-64)

Q. What does Nessus 4.2 cost?

A. The Nessus 4.2 scanner is available as a free download. To receive updates for new vulnerability checks, select the appropriate plugin Subscription from Tenable depending on the intended use.

Q. Can I use Nessus at work?

A. You must subscribe to the ProfessionalFeed to use Nessus outside of the home.

Q. How does the Nessus license work in a VM (virtual machine) environment?

A. Each installation of Nessus requires Tenable's license whether it is stand-alone or in a virtual machine (VM) environment. The same is true for Subscription licensing.

Q. I'm a consultant; can I use Nessus 4.2 to conduct my clients' audits?

A. Tenable permits you to use Nessus to audit the security of third-party networks but requires that you purchase a ProfessionalFeed Subscription. You must subscribe to the ProfessionalFeed to use it commercially with the latest updates and to have access to technical support and knowledgebase articles. A HomeFeed cannot be used for commercial consulting.

A very common scenario for Tenable is to license several ProfessionalFeeds to a service provider who operates an equivalent number of Nessus scanners to check for vulnerabilities on their customers' systems and networks. The ProfessionalFeed license is tied to the Nessus scanner. If the Nessus scanner is mobile (such as on a laptop), then the license is mobile. We do not tie it to an IP address. There is no limitation to the amount of scans completed or IPs scanned. However, the Tenable Plugins are licensed only for use with Registered Nessus scanners obtained directly from www.nessus.org or www.tenablesecurity.com.

Q. I attempted to install Nessus via RPM, but I get an error. Why can't I install Nessus this way?

A. If you downloaded the Nessus RPM to a Windows system and then transferred it to your Unix system, the name of the Nessus RPM file will likely be something similar to Nessus-4[1].2.0-es4.i386.rpm. RPM cannot handle square brackets (i.e., [1]). Rename the file to Nessus-4.2.0-es4.i386.rpm and re-attempt the installation.

Q. How do I run Plugins from the command line and access a knowledge base?

A. You can have the NASL interpreter load the Knowledge Base (KB) for a specific host with the "-k" option. For example, you could test for the First4Internet CodeSupport ActiveX control by running:

$ nasl -k /opt/nessus/var/nessus//kbs/ \
    -t codesupport_activex_code_exec.nasl

Note: this requires that you have access to the KB and that the KB has already been populated by any plugin dependencies.

Q. Can I write Custom Plugins for my Nessus Scanner?

A. Tenable Network Security encourages users of the Subscriptions to write and develop new Nessus plugins.

(i) If You feel custom plugins developed by You or Your organization will benefit the Nessus HomeFeed and ProfessionalFeed subscribers, You should consider submitting them to Tenable so that the plugins can be tested and distributed as part of the Subscription. Tenable may accept or reject plugin submissions based on code quality, relevance, performance and other factors. Submitted plugins may include copyright information about the authors, and Tenable will continue to include the copyright information in the plugin. Submitted plugins may not include any licensing terms, usage agreements or distribution clauses that would interfere with Tenable making the plugin available to subscribers to a Subscription, or would limit Tenable's right to modify the plugin if, for example, changes may be useful to improve its accuracy, performance, network impact or other parameters.

(ii) Custom Plugins. You may use the Tenable ".inc" files provided with the Subscription, as well as the built-in NASL functions to write custom plugins for Your internal use and internal redistribution, provided, however, that they may not be privately or publicly distributed, whether for free or for a fee.

(iii) Plugin writers should also be aware that many of the APIs available in the NASL language and various ".inc" libraries, may be used to write custom plugins, but such plugins may only be distributed within Your organization and may not be distributed publicly, whether for free or for a fee. For example, custom plugins that specifically make use of authenticated logins to remote systems via Secure Shell or Windows Domain, that use the libraries included in the Subscriptions or that have previously been distributed with the Registered Feed may not be publicly distributed. To ensure that Your custom plugins do not make use of a library that prohibits public distribution, You should audit them to see which libraries are being invoked and then read each corresponding license.
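As an added illustration of what a custom plugin looks like (this is example code written for this post, not a Tenable plugin), the NASL script below reports the HTTP Server header as an informational finding. It reads the web port from the knowledge base entry "Services/www" that find_service.nasl populates, which is also why the nasl -k invocation above needs a KB that plugin dependencies have already filled. The script_id value is a placeholder; the KB key "www/<port>/server_header" is this example's own choice.

```nasl
# Example custom plugin: report the remote web server's Server header.
# Not a Tenable plugin; script_id 99999 is a placeholder value.
if (description)
{
  script_id(99999);
  script_version("1.0");
  script_name(english:"Example: HTTP Server header disclosure");
  script_summary(english:"Reports the web server's Server header");
  script_set_attribute(attribute:"synopsis",
    value:"The remote web server reveals its product and version.");
  script_set_attribute(attribute:"description",
    value:"The Server header names the web server software and version, which lets an attacker narrow down applicable flaws. Hiding it is defence in depth, not a fix for the underlying software.");
  script_set_attribute(attribute:"solution",
    value:"Suppress or genericise the Server header (for Apache, 'ServerTokens Prod') and keep the server patched.");
  script_set_attribute(attribute:"risk_factor", value:"None");
  script_end_attributes();
  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");
  # find_service.nasl populates Services/www in the KB; this plugin
  # depends on it, so it needs a populated KB when run via nasl -k.
  script_dependencies("find_service.nasl");
  script_require_ports("Services/www", 80);
  exit(0);
}

# Read the discovered web port from the knowledge base, default to 80.
port = get_kb_item("Services/www");
if (!port) port = 80;
if (!get_port_state(port)) exit(0);

soc = open_sock_tcp(port);
if (!soc) exit(0);

# A single HEAD request is enough to obtain the response headers.
req = string("HEAD / HTTP/1.0\r\nHost: ", get_host_name(), "\r\n\r\n");
send(socket:soc, data:req);
res = recv(socket:soc, length:4096);
close(soc);
if (!res) exit(0);

srv = egrep(pattern:"^Server: ", string:res);
if (!srv) exit(0);
srv = ereg_replace(pattern:"^Server: *(.*)\r?\n?$", replace:"\1", string:srv);

# Store the value in the KB so later plugins can reuse it without
# re-requesting, then report it as an informational finding.
set_kb_item(name:string("www/", port, "/server_header"), value:srv);
security_note(port:port, extra:string("The Server header is: ", srv));
```

Because it is written only against built-in NASL functions and find_service.nasl, rather than Subscription ".inc" libraries, it is the kind of plugin the licensing terms above allow you to keep for internal use; audit the include list of any plugin before sharing it.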

Q. How do I install my Activation Code?

A. Please view the Nessus Activation Code Installation document for instructions on installing the Activation Code you have received after registering for either the ProfessionalFeed or the HomeFeed.
