Nessus 5.2 Installation and Configuration Guide (3.2 MB PDF).You can download the guide for version 5.x below.
Tenable provides clear installation instructions in the Nessus Installation Guide, so they will not be needlessly reproduced here. Starting with v5.2, the Nessus interface is based on HTML5. Starting with version 4, the Nessus client moved from standard application format to a web-based (runs in a browser) format that utilizes Adobe Flash. Further differences between the two feeds are described here. Paying customers ($1500 annually) receive the latest plugins from Tenable along with technical support. Starting with version 3 in 2005, Tenable closed public access to the source code and began charging subscription fees for the plugin “registered feed” (a free “home feed” is still available for non-commercial installations of Nessus).
Versions 1 and 2 were distributed as free and open source software (FOSS). There is even an embedded scripting language (known as NASL) for writing your own custom plugins. When Nessus can connect to the Internet it automatically downloads the latest plugins which will enable it to recognize and report on the latest known software weaknesses (such as those disclosed by Mitre). Plugins are small programs that look for specific vulnerabilities (Nessus contains tens of thousands of them). The Nessus server utilizes plugins to determine which flaws exist on the target hosts. The Nessus server (a Windows service or a Linux daemon called nessusd) performs the actual scanning while the client presents the user with an interface and passes commands to the server. On both operating systems, Nessus operates as a server and as a client.
Nessus is available for both Linux and Windows. In this way Nessus is very similar to BeyondTrust Retina however, these two tools have very different user interfaces and Nessus is undoubtedly more popular and widely used, as multiple surveys on have shown over the years. Some of these flaws include outdated and vulnerable software, improper configurations such as accounts with default passwords or without password protection, and the presence of risky services or daemons. During its scans, Nessus probes ports and checks for potential software flaws that could be exploited by hackers or malware. Nessus is designed to comprehensively scan network hosts for vulnerabilities and generate reports based on its findings. If Nmap is the most popular free network scanning tool, then Nessus by Tenable is undoubtedly the most widely used commercial security application.
0 kommentar(er)
