Nasl

Printable View

May 27th, 2003, 10:50 PM
hatebreed2000

Nasl

For those of you that don't know what nessus is or maybe you've heard of it but maybe havent put any time into gathering info on it, it is THE best vulnerbility scanner in my opion, and I will tell you why:
1)You can review the source-code of the main tool and any of the security checks to look for dangerous functions

2)A large group of developers are involved in seeing at its success

3)It is free

4)You can write your ver own vulnerbility checks and incorporate them into the scanner

And it is this last reason that I post this thread, for those of you wishing to learn the architecture behind this great program and write your own scripts. Here it is http://www.nessus.org/doc/nasl.html
I suggest for any of you that are serious about getting into security that you take the time to learn about this program, hope this helps someone.Take it easy people.
May 28th, 2003, 12:13 AM
NeuTron

Good Post.........Interesting stuff. I'd give you some positive points but Im only at 46 so they'd only be grey. Good job though. :)
May 28th, 2003, 04:42 AM
MemorY

i heard of the tool ..but didnt gather information on what it does ...now i'll make sure i download it ... :)
June 1st, 2003, 02:08 AM
w0rm3y

when using nessus, please be careful, especially if you're running at work since some of the plugins are capable of DoS.

w0rm3y
June 1st, 2003, 01:29 PM
hatebreed2000

w0rm: for most situations, there are exceptions, you should always have the DoS plug in turned off, sending only a few packets can take a host off line, so yes good call. It should be pretty common sense what the plug ins do, and if you are unsure, you should have no problem finding the answers in the man pages or a quick search online.
June 1st, 2003, 01:33 PM
str34m3r

I just hope nessus doesn't go the way SAINT did. I remember the good old days when SAINT was free. Now you pay thousands of dollars up front plus a subscription fee every year. As long as nessus stays free, I'll continue to sing its praises. It's always nice to know that if something goes wrong, I can run into the source code and fix it.
June 2nd, 2003, 11:52 AM
sweet_angel

Quote:

Originally posted here by w0rm3y
when using nessus, please be careful, especially if you're running at work since some of the plugins are capable of DoS.

w0rm3y

Hi,
If you select "Enable All" in plugins box, there is a high probability that you will cause the targeted machine/your box to crash ( yes don't use someone else box! it's illegal without permission, so please be careful ) and the better way to choose the plugins is..choose "Enable All but Dangerous Plugins".

Just my opinion though :)

Cheerss
June 2nd, 2003, 03:34 PM
thehorse13

You can actually generate a **** storm of traffic with NESSUS but it has a nice safeguard in that even if you choose to run 1000 simultanious scans against a single host, you still can't go higher than 10 scans unless "be_nice =" is set to "no" in the nessusd.conf file.

Yes, I tried a demo copy of SAINT and while it seems to do a decent job, it is very cumbersome to configure these days (as far as scan options go, not setup). It seems that every option in the world is on one HTML page. In my opinion, NESSUS is far superior.

-TH13
June 2nd, 2003, 03:50 PM
w0rm3y

well actually, denaud did start tenablesecurity.com which is commercial version, but i think they're moving ahead with the open source support still.

-w0rm3y
June 2nd, 2003, 07:58 PM
thehorse13

Quote:

well actually, denaud

LOL, it's Renaud :) (I know that you fat fingered the name) and yes they have both a commercial and open source line of products. They are right in Columbia MD, a stones throw down the road from my office. What's funny is that most people think that Renaud is an old guy but he is only about 23 years old.