2. Index
Topic Reference Slide
Introduction to Nessus 3
History 4
Architecture 5
Operation 6
NASL 9
Features 10
Nessus UI
13
References 14
Nessus- Network Vulnerablity Scanner 2
http://www.ifour-consultancy.com Offshore software development company India
3. Nessus: A security vulnerability scanning tool
• Remote security scanning tool
• Raises an alert if it discovers any vulnerabilities that malicious hackers could exploit
• Runs over 1200 checks to test if any of the attacks could be used to break in
• Used by network administrators
Nessus- Network Vulnerablity Scanner 3
http://www.ifour-consultancy.com Offshore software development company India
4. History
• Started by Renaud Deraison in 1998
• The motive was to provide to the Internet community a free remote security scanner
• On October 5, 2005, Tenable Network Security changed Nessus 3 to a proprietary
(closed source) license
• In July 2008, Tenable Network Security sent out a revision of the feed license that
allowed home users full access to plugin feeds
Nessus- Network Vulnerablity Scanner 4
http://www.ifour-consultancy.com Offshore software development company India
5. The Nessus Architecture
• Nessus is based upon a client-server model
• The Nessus server: nessusd
• Responsible for performing the actual vulnerability tests
• Listening to incoming connections from Nessus clients that end users use to
configure and launch specific scans
• Nessus clients must authenticate to the server before they are allowed to
launch scans
• This architecture makes it easier to administer the Nessus installations
Nessus- Network Vulnerablity Scanner 5
http://www.ifour-consultancy.com Offshore software development company India
6. Operation
• Nessus allows scans for :
• Vulnerabilities that allow a remote hacker to control or access sensitive data
• Misconfiguration : open mail relay, missing patches
• Denial of service against the TCP/IP stack by using mangled packets
• Preparation for PCI DSS audits
Nessus- Network Vulnerablity Scanner 6
http://www.ifour-consultancy.com Offshore software development company India
7. Operation
• Steps Involved :
• Nessus starts with a port scan, with one of its internal port scanners
• To determine which ports are open on the target
• Trying various exploits on the open ports
• Vulnerability tests
• Written in NASL (Nessus Attack Scripting Language)
• Results of the scan can be reported in various formats, such as plain
text, XML, HTML and LaTeX
• The results can also be saved in a knowledge base for debugging
Nessus- Network Vulnerablity Scanner 7
http://www.ifour-consultancy.com Offshore software development company India
8. Nessus- Network Vulnerablity Scanner 8
http://www.ifour-consultancy.com Offshore software development company India
9. NASL : Nessus Attack Scripting Language
• Scripting Language used by Nessus to form Attacks to detect vulnerability
• Guarantees :
• Will not send packets to any other hosts than target
• Will execute commands on only local systems
• Optimized built-in functions to perform Network related tasks like :
• Socket operations
• Open connection if port is open
• Forge IP/TCP/ICMP packets
Nessus- Network Vulnerablity Scanner 9
http://www.ifour-consultancy.com Offshore software development company India
10. Features
• Provides remote and local (authenticated) security checks
• A client/server architecture with a web-based interface
• Server: Performs Attacks
• Client: Front-end
• Both can be located at different machines
• Security Tests are, as external Plugins, easy to add / modify / test without reading
source code of Nessus
Nessus- Network Vulnerablity Scanner 10
http://www.ifour-consultancy.com Offshore software development company India
11. Features
• Audits anti-virus configurations
• Performs sensitive data searches to look for credit card, social security number and
many other types of corporate data
• Nessus can call Hydra (an external tool) to launch a dictionary attack
• Tenable Network Security produces several dozen new vulnerability checks (called
plugins) each week, usually on a daily basis
• These checks are available for free to the general public
• Commercial customers are not allowed to use this home feed any more
Nessus- Network Vulnerablity Scanner 11
http://www.ifour-consultancy.com Offshore software development company India
12. Features
• The Professional feed (which is not free) also gives access to support and add additional
scripts (audit and compliance tests)
• Can Test unlimited amount of hosts in each scan
• Depending on the power of Server, scan can be performed on any range of hosts
• Smart Service Recognition
• Doesn't believe on fixed port for a particular service
• Checks all ports for specific vulnerability
Nessus- Network Vulnerablity Scanner 12
http://www.ifour-consultancy.com Offshore software development company India
13. Nessus UI
• The Nessus User Interface (UI) is a web-based
interface to the Nessus scanner
• Nessus Scanner is comprised of a simple
HTTP server and web client, and requires
no software installation apart from the
Nessus server
• The UI displays scan results in real-time
• User does not have to wait for a scan to
complete to view results
Nessus- Network Vulnerablity Scanner 13
http://www.ifour-consultancy.com Offshore software development company India
14. References
1. www.Wikipedia.com
2. www.tenable.com
3. http://books.msspace.net/mirrorbooks/networksecuritytools
4. Network Security Assessment: Know Your Network
By Chris McNab (chapter 15)
5. http://www.symantec.com/connect/articles/introduction-nessus
6. Symbiosis students.
• Aswathi Jayaram
• Priti Patil
• Shivendra Rawat
• Sudeeksha Verma
Nessus- Network Vulnerablity Scanner 14
http://www.ifour-consultancy.com Offshore software development company India
Notes de l'éditeur
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com
Offshore software development company India – http://www.ifour-consultancy.com