Saturday, August 14, 2010

Nessus vulnerability and Port scanner

The Nessus® vulnerability scanner is the leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. 

Nessus scanners can be distributed throughout an entire enterprise, inside DMZs and across physically separate networks.

 1. Vulnerability Scanner
 2. Port Scanner
 3. Host and Device detection

 4. Can be used to scan NETBIOS (Windows and Samba) servers
 5. Profiles (Scan Policies) for target scans, with specific exploits to query
 6. Reporting
 7. Client/Server enabled; multiple clients may use the central Nessus server
 8. Client support for Windows, Linux, etc.
 9. Runs as a service, awaiting inbound PenTest requests
10. Penetration testing tool
11. Nessus can be automated
12. Supports plug-ins for vulnerability signatures
13. Supports parallel scanning of targets

Installation and Usage:
 1. Download Nessus from install
 2. Register nessus using 'nessus-fetch', with provided code
    a. /opt/nessus/bin/nessus-fetch --register
 3. Install Nessus Client and Explore the interface
    a. rpm -Uvh NessusClient*
4.  It  comes with built in web interface to perform the scan from any system

On the Nessus Client Interface, 
 4. Perform a PenTest of the localhost
 5. Perform a PenTest of the local network and Generate Report
 6. Evaluate results

Nessus will auto-update its plug-ins after registration, every 12-hours