I've been reading Counter hack by Ed Skoudis and found a vulnerability scanner named nessus, has anyone used this before? pros and cons? I appreciate your imput.
Printable View
I've been reading Counter hack by Ed Skoudis and found a vulnerability scanner named nessus, has anyone used this before? pros and cons? I appreciate your imput.
Yup, it works. Yup its good.
Pros...It works like its supposed to. Can be updated. Great for securing your network.
Cons..It works like its supposed to. Great for scanning other sites (although it does get logged quickly). Also, the setup is a little tricky, because some of the instructions are wrong. The windows client sucks.
Nessus is just one of a handful of vuln. scanners that are pretty much the same.
nessus is the best vulnerability scanner around. I have tried many including, Webtrends, CA Cybercop, Symantec Netrecon, and several others.
I would say that the only limitation to this point is it's reporting features. Although it will still generate HTML outputs, along with several other types, it is just not quite as robust in that aspect as several of the others. I also think the setup is about as easy as it gets:
Just run --> lynx -source http://install.nessus.org | sh
or
download it first and run --> sh nessus-installer.sh
Thats it!!
For the price, Nessus is a great tool. It stays up to date with vulnerabilities and the subsequent attacks, does a fair job of reporting the problem/correction intelligbly, is fairly easy to use, and is customizable to the environment that you are in; however, it can be extremely slow if you scan anything over a few devices. The attacks are also precanned, well known attacks that will make any IDS or system log light up like a christmas tree. So it is anywhere from good to outstanding, depending on what you are looking for and the amount of money you are able to pony up...
version 1.2.1 was released on June 3rd for anyone that uses this program and wants to update it.
How well does it compare to Saint, that is, what are the advantages/disadvantages if any. Is one more accurate, detectable, stable, etc?
I've not found a version that works well with FreeBSD yet and subsequently have not had chance to compare yet. Soon though I would like to think. CVsup runs tonight, so it should happen pretty quickly.