Google
 
   
Login
Username:

Password:


Lost Password?

Register now!
Search

Advanced Search
Main Menu
top books
Polls
What do you think about php-deluxe.net?
Excellent!
Cool
Hmm..not bad
What the hell is this?
encyclopedia
Uninstaller
MediaWorks (publisher)
The Metaweb
Tompw
Radio Sonder Grense
Eisenstein prime
List of documentation...
recommendation
compare webbrowser
Freenet DSL
Who's Online
5 user(s) are online (4 user(s) are browsing encyclopedia)

Members: 0
Guests: 5

more...
browser tip
Unix Befehle
manual of unix befehle
recommendation!
Sponsored
partner

Nessus (software)

: For other uses of the word Nessus , please refer to Nessus.

In computer security, Nessus is a comprehensive vulnerability scanning program. It consists of nessusd, the Nessus daemon, which does the scanning, and nessus, the client, which presents the results to the user. Its name is derived from Nessus (mythology) who betrayed Heracles and Deianira.

In typical operation, nessus begins by doing a port scanner with Nmap or its own portscanner to determine which ports are open on the target and then tries various exploit (computer science) on the open ports. The vulnerability tests, available as a large body of plugins, are written in NASL (Nessus Attack Scripting Language), a scripting language optimised for custom network interaction.

Optionally, the results of the scan can be reported in various formats, such as plain text, XML, HTML and LATEX. The results can also be saved in a knowledge base for reference against future vulnerability scans. Scanning can be automated through the use of a command-line client.

Some of Nessus s vulnerability tests can cause vulnerable services or operating systems to crash (computing). The user is provided with the option to disable these unsafe tests.

Nessus provides additional functionality beyond testing for known network vulnerabilities. For instance, it can use Microsoft Windows credentials to examine patch levels on computers running the Windows operating system, and can perform password auditing using dictionary attack and brute force methods. The program provides options to mask its activities from network intrusion detection systems.

Nessus was the world s most open-source popular vulnerability scanner, estimated to be used by over 75,000 organizations world-wide. Many of the world s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

The Nessus Project was started by Renaud Deraison in 1998 to provide to the Internet community a free, powerful, up-to-date and easy to use remote security scanner. Nessus is currently rated among the top products of its type throughout the security industry and is endorsed by professional information security organisations such as the SANS Institute.

On October 5th 2005, Tenable Security changed Nessus 3 to a non-opensource compliant license, although Nessus 3 will be free of charge and Nessus 2 will remain GPL. Some developers have started to maintain independent projects based on Nessus as a consequence such as, for example, GnessUs, Porz-Wahn (see External links, below).

= External links =

  • [http://mail.nessus.org/pipermail/nessus-announce/2005-October/msg00000.html Renaud Deraison announce on Nessus 3]
  • [http://www.nessus.org/ Nessus homepage]
  • [http://www.gnessus.org/ GNessus homepage]
  • [http://www.insecure.org/nmap Nmap Security Scanner homepage]
  • [http://developer.berlios.de/projects/porz-wahn/ Porz-Wahn] is a Free software fork (software development) of Nessus
    		•