Nessus also makes no assumptions regarding what services are running on what ports and it actively attempts to exploit vulnerabilities rather than just comparing version numbers of the active services.
The Nessus Client component is available for all Linux / Unix systems. There is also a Win32 GUI client that works with any version of Microsoft Windows.
I ran into a glitch though. I was told that I needed to install "sharutils" in order for the installation to work. Not being a Linux guru I turned to one of my Antionline.com compatriots for assistance. With some help from Sonny Discini, Sr. Network Security Engineer for Montgomery County Government (aka thehorse13), I was able to get the code compiled, installed and ready to run on my Redhat Linux machine.
I then installed the Win32 GUI Nessus Client component on my Windows XP Pro machine. That installation process was a little more "straight-forward" for someone familiar with Windows.
Nessus gives you a lot of options when it comes to running the actual vulnerability scan. You can scan individual computers, ranges of IP addresses or complete subnets. You can test against the entire collection of over 1200 vulnerability plugins, or you can specify an individual or set of specific vulnerabilities to test for.
Unlike some other open source and commercially available vulnerability scanners, Nessus does not assume that common services will be running on common ports. If you run an HTTP service on port 8000 it will still find vulnerabilities rather than assuming that it should find HTTP on port 80. It also does not simply check the version number of the services running and assume the system is vulnerable. Nessus actively attempts to exploit the vulnerabilities.
With such powerful and comprehensive tools available for free, it is difficult to make a case for spending thousand or tens of thousands of dollars to implement a commercial vulnerability scanning product. If you are in the market- I certainly suggest you add Nessus to your short list of products to test and consider.
No comments:
Post a Comment