Results 1 to 10 of 10

Thread: What is nessus?

  1. #1
    Senior Member
    Join Date
    Aug 2006
    Location
    India
    Posts
    289

    What is nessus?

    I know that this may be this may be quite annoying for some experts ... hopefully annoying enough to flame me. But I have heard too much about nessus. This thing comes along with many Linux distros. But after all what is nessus? Google and other searches tell it is a network vulnerability scanner. However I see some people tell that nessus is a DATA recovery software. While some say that it runs on *nix boxes but some say that runs even on Windows.

    So is nessus a Network vulnerabilty scanner or Data recovery solution or both?

    What OSes does it run on? Does it run on only *nix or Windows or both or even on others like Mac?

    Thanks in advance.
    "Everything should be made as simple as possible, but not simpler."

    - Albert Einstein

  2. #2
    AO's MMA Fanatic! Computernerd22's Avatar
    Join Date
    Mar 2003
    Location
    Miami, FL
    Posts
    795
    Nessus : Premier UNIX vulnerability assessment tool
    Nessus is the best free network vulnerability scanner available, and the best to run on UNIX at any price. It is constantly updated, with more than 11,000 plugins for the free (but registration and EULA-acceptance required) feed. Key features include remote and local (authenticated) security checks, a client/server architecture with a GTK graphical interface, and an embedded scripting language for writing your own plugins or understanding the existing ones. Nessus 3 is now closed source, but is still free-of-cost unless you want the very newest plugins. Also, run on windows xp. This was copied and pasted from www.insecure.org
    and don't forget about

    http://www.nessus.org/

  3. #3
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    In other words, it's not a data recovery tool. It's a vulnerability scanner that runs on UNIX and W32. In addition to Nessus, Tenable makes additional compliment software.

    For more, see: http://www.tenablesecurity.com

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  4. #4
    AO's MMA Fanatic! Computernerd22's Avatar
    Join Date
    Mar 2003
    Location
    Miami, FL
    Posts
    795
    Nessus 3 is available for the following platforms :
    - Linux : Fedora FC5 & 6, Red Hat Enterprise 3 & 4, SuSE 9.3 & 10, Debian 3.1 (i386)
    - FreeBSD : FreeBSD 5 & 6 (i386)
    - Solaris : Solaris 9 & 10 (sparc)
    - Mac OS X : Mac OS X 10.4 (intel & ppc)
    - Windows : Windows 2000, XP and 2003 (32 bits)

  5. #5
    Senior Member
    Join Date
    Aug 2006
    Location
    India
    Posts
    289
    Thanks a lot to all of you. I understood the fact. Now can someone tell me if it fine to use it for scanning my home network with it?

    Will using it to scan external IPs be against Law? I wanted to use it to scan the external IPs.
    "Everything should be made as simple as possible, but not simpler."

    - Albert Einstein

  6. #6
    AO's MMA Fanatic! Computernerd22's Avatar
    Join Date
    Mar 2003
    Location
    Miami, FL
    Posts
    795
    Thanks a lot to all of you. I understood the fact. Now can someone tell me if it fine to use it for scanning my home network with it?
    Nessus 3.0.5 would be perfect for you to scan your LAN also help to find any holes, open ports detailed technical info about each warning excellent too indeed. As a matter of fact I scanned a box on mmy WLAN last night.

    Will using it to scan external IPs be against Law? I wanted to use it to scan the external IPs.
    __________________

    Honestly, I don't know I havent read the EULA IM sure it's all covered in their. As far as legal action yes you could get in trouble for scanning remote machines espically with an application like nessus. I personally wouldnt just scan random host(s) with an application like nessus. To noisy. Try an app like nmap from www.insecure.org
    Last edited by Computernerd22; April 15th, 2007 at 06:30 PM.

  7. #7
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    I personally wouldnt just scan random host(s) with an application like nessus. To noisy. Try an app like nmap from www.insecure.org
    NMAP scans can be seen just like a jumbo jet coming out of the sky if you don't configure the scan properly. Have a look at some of the tutorials on the site for step by step instructions on how to use NMAP effectively.

    Will using it to scan external IPs be against Law? I wanted to use it to scan the external IPs.
    It depends what you scan, which country the target host/network resides and what laws you break in between. Best practice is to assume that it is illegal unless you've been given permission to scan it. Insecure.org has a dummy server out on the net that you can freely scan. Visit the site for details.

    Scanning from behind a SOHO NAT router (like Linksys, etc.) out to external IPs is a verrrrry bad idea. You will consume all the memory used for the connection table and your router will lock up tight.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  8. #8
    AO's MMA Fanatic! Computernerd22's Avatar
    Join Date
    Mar 2003
    Location
    Miami, FL
    Posts
    795
    NMAP scans can be seen just like a jumbo jet coming out of the sky if you don't configure the scan properly
    Exactly, very true indeed. However, the reason I recommend nmap because with the right options you can make it more stealth/less noticable than you would with Nessus 3.

  9. #9
    Senior Member
    Join Date
    Aug 2006
    Location
    India
    Posts
    289
    I have used NMAP in past and know very well that how problematic it can become. in some cases it can be too late too. Anyway i will check the tutorial section for that.

    thank you all.
    "Everything should be made as simple as possible, but not simpler."

    - Albert Einstein

  10. #10
    Senior Member PacketThirst's Avatar
    Join Date
    Aug 2004
    Posts
    258
    Will using it to scan external IPs be against Law? I wanted to use it to scan the external IPs.
    Why on earth would you want to scan external IPs ? Thats rude!
    Last edited by PacketThirst; May 2nd, 2007 at 06:51 PM.

Similar Threads

  1. Update & Mini Tut: Nessus server setup and NASL modding
    By thehorse13 in forum The Security Tutorials Forum
    Replies: 0
    Last Post: April 13th, 2005, 04:35 PM
  2. NESSUS 2.1.0 has been released!!
    By thehorse13 in forum IDS & Scanner Discussions
    Replies: 0
    Last Post: July 7th, 2004, 02:49 PM
  3. Introduction to Nessus
    By \/IP3R in forum IDS & Scanner Discussions
    Replies: 7
    Last Post: November 7th, 2003, 05:42 PM
  4. Step-by-step setup of Nessus - TUTORIAL
    By thehorse13 in forum The Security Tutorials Forum
    Replies: 3
    Last Post: August 27th, 2003, 06:27 PM
  5. NESSUS 2.0.0 has been released
    By thehorse13 in forum IDS & Scanner Discussions
    Replies: 0
    Last Post: February 24th, 2003, 08:29 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •