Skip to main content

Nessus : a poweful vulnerabilty scanner


Nessus : a poweful vulnerabilty scanner0

h4ck0lic | 7:16 AM |  ,  ,  ,  , 

What is Nessus?
Nessus is a remote security scanning tool, which scans a computer and raises an alert if it discovers any vulnerabilities that malicious hackers could use to gain access to any computer you have connected to a network.  It does this by running over 1200 checks on a given computer, testing to see if any of these attacks could be used to break into the computer or otherwise harm it.

Nessus! It features major performance improvements, greater scalability and reduced memory usage.

Engine:
- Same engine on  windows and Unix:
     + Unified experience on all platforms
     + Consistant results across all platforms
(Previously, only the NASL engine was the same between Windows and Unix)
- Fully thread-based instead of being process based
- Better performance
- Better scalability
- Reduced memory usage
- Removed the remaining “.nes” plugins (written in C) entirely
- Many performance improvements to reduce CPU usage on all platforms
- Improved logging in nessusd.dump
Port scanners:
 - Port scanners can now be combined. ie: selecting the SYN scanner and the WMI ‘netstat’ port scanner will make Nessus try to log in via WMI to enumerate the ports first, then to fall back to the SYN scanner if that failed. Therefore, by default, when creating a new policy the WMI, netstat and snmp port enumerators are enabled by default in addition to the Nessus TCP scanner.
- The SYN scanner has been rewritten entirely and is the same between Windows and Linux.
If you are a ProfessionalFeed subscriber, then these changes apply exclusively to you.
 - The Database compliance checks can now log into MSSQL over SSL
 - The PCI-DSS plugins are out of beta
 - A native UDP port scanner is available to ProFeed users
 NASL:
 - Added support for Perl Compatible Regular Expressions (PCRE)
 - Scripts can now share results between different hosts via a global KB
 - New NASL functions (XML parsing, the bignum library, new packet forgery functions, new socket-related functions, and more)
 - Support for unsigned integers

  NessusClient:
 - Support for XLST transformations of the reports
 - It is now possible to export a .nessus file out of a filtered report
 - Linux: 64 bits build for all last-gen distributions
 - Unlimited number of filters in Win32 and Linux
 Linux:
 - No external libraries any more — no need to temper with /etc/ld.so.conf
 - Added support for the newest distributions (Debian 5, Fedora 10, etc…)
 - 64 bits build for all last-gen distributions
 - New “linux-generic32″ and “linux-generic64″ builds for recent unsupported distributions
 FreeBSD:
 - 64 bits build for FreeBSD 7
 Windows:
 - All the Unix command-line tools (nessus-fetch, ‘nessus’, nessuscmd), now run on Windows
 - New server manager GUI
 - The installer is now a .msi package
 - 64 bits build
 Mac OS X:
 - Fixed several memory leaks in the client
 - 64 bits build of the nessusd server
In one of its recent updates, the plugin #36036 can a network based check for Windows computers infected with a variant of the Conficker virus. The scan does not need credentials, but does require ports 445 or 139 to be open between the Nessus scanner and your scanned systems.

Download Nessus 4.4.0 here.

Comments

Anonymous said…
Search engine optimisation, which is often known as SEO, is the practice
of climbing the quantity and quality of visitors generated to a website or other Web based property in search
engines' natural/organic rank benefits for particular words called key
words.
Friday, December 28, 2018 12:49:00 AM
Post a Comment

Popular posts from this blog

Proxy list

* http://www.proxy4free.com * http://www.publicproxyservers.com * http://www.anonymitychecker.com * http://www.proxz.com * http://www.digitalcybersoft.com/ProxyList/ * http://www.checker.freeproxy.ru * http://tools.rosinstrument.com/proxy/ * http://www.samair.ru/proxy/ * http://www.multiproxy.org/anon_proxy.htm * http://www.atomintersoft.com/product...xy/proxy-list/ [/b]
Read more

Useful & Valuable Sites

For Urgent Blood Requirements call +91888704898 Learn online Udemy Coursera Khan Openculture W3Schools Buy online Flipkart Amazon Myntra shopclues freekaamaal Online App Ajio Craftvilla Mirraw Limeroad Voonik Travel Booking Railway Paytm Redbus goibibo Trivago Sales OLX Justdail Quikr carwale 2ndhandbazar Jobs Search Bank Jobs BJS Glassdoor LinkedIn Freelancer S/W Downloads Filehippo Softpedia Download.com SourceForge BrotherSoft Flight Booking Qatar Singapore Makeytrip goindgo Emirates Status Enquiry Passport Panind Aadhar voter PF Yoga Acupoints Acupuncture Prachina Yoga Ayurveda Learn Cloud AWS Azure IBM VMware Redhat Search Engines Google yahoo amazon dogpile aol
43 comments
Read more
Top 10 Most Common Cyber Attacks Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks A denial-of-service attack overwhelms a system’s resources so that it cannot respond to service requests. A DDoS attack is also an attack on system’s resources, but it is launched from a large number of other host machines that are infected by malicious software controlled by the attacker. Unlike attacks that are designed to enable the attacker to gain or increase access, denial-of-service doesn’t provide direct benefits for attackers. For some of them, it’s enough to have the satisfaction of service denial. However, if the attacked resource belongs to a business competitor, then the benefit to the attacker may be real enough. Another purpose of a DoS attack can be to take a system offline so that a different kind of attack can be launched. One common example is session hijacking, which I’ll describe later. There are different types of DoS and DDoS attacks; the most common are ...
Post a Comment
Read more