What Are The Main Features Of Nessus

Published Date: 02 Nov 2017

In this assignment, the following questions are going to be covered:

"In the context of network vulnerability auditing, what is Nessus? What are the main features of Nessus? What are the advantages and disadvantages of deploying Nessus in a corporate network environment?"

The format of the assignment will be as follow:

1) An introduction covering what the Nessus tool generally is

2) A discussion part which will give analytical answers to all questions asked

3) A conclusion which will conclude and set the outcomes of the assignment

4) A reference section which will state all the references used in order to form this work

Now without any further ado, let’s move on!

Introduction

Nessus is a free of charge vulnerability scanning program, for use in a non-enterprise environment. Its function is to detect potential vulnerabilities on tested systems. It includes configuration auditing, asset profiling, high-speed discovery, sensitive data discovery and vulnerability analysis of a security posture. Nessus scanners can be allocated within an entire enterprise, inside DMZs and across physically separate networks.

Discussion

In the context of network vulnerability auditing, what is Nessus? [1] 

In the context of network vulnerability, Nessus is a free of charge vulnerability scanning program for use in a non-enterprise environment. Its function is to detect potential vulnerabilities on a tested system by performing vulnerability assessments, and in the case of a network, Network assessments.

But first of all what is a vulnerability?

Vulnerability is any programming misconfiguration or error that could allow a hacker/intruder to gain illegal access.

A vulnerability, could be anything from a non attended programming flaw to a weak password used set by an administrator.

Examining what a vulnerability is, leads us to the question of what a vulnerability assessment is.

Vulnerability assessment is the process of locating and reporting vulnerabilities.

Being able to detect security issues before someone can take advantage of them is the key needed, to deal with them and do all the necessary adjustments to better reinforce the systems defenses.

Finally

Network assessments is a methodology used, in locating all live systems on a network, revealing all the network services that are in use, thus analyzing them for potential vulnerabilities.

What are the main features of Nessus? [2] 

Nessus main features are as follow:

Remote and local security: Whether they are running Windows, Mac or a Unix system, Nessus is perhaps the only security scanner that has the capability to detect not only the remote flaws of the hosts that are on a network, but their missing patches and local flaws as well.

Up-to-date security vulnerability database: By using the command Nessus-update-plugins, The Nessus security checks database (which is updated on a daily basis) can be retrieved.

Plug-ins: Each security test is materialized as an external plug-in, written in NASL, which means that updating Nessus does not involve downloading potentially threatening binaries from the internet.

Scalable: Nessus will quickly exploit the systems strengths, so it can increase its scanning efficiency. The more power you give to it, the faster it will scan a network.

NASL: Nessus includes NASL, (Nessus Attack Scripting Language) a language designed to rapidly write security test.

Smart service recognition: It isn’t in Nessus beliefs that the target hosts will respect the IANA assigned port numbers. Thus it will identify a FTP server running on a non-standard port, or a web server running on port 8080.

Multiple services: Nessus will test all of the services that are run twice or more by a host run.

Full SSL support: Nessus has the capability to test SSLized services such as https, smtps, imaps, and can even be supplied with a certificate so that it can be integrated into a PKI type environment.

Non-destructive or thorough: Nessus gives you the option to either perform a regular non-destructive security audit on a daily basis, or to throw everything you can at a remote host to test its mettle, and see how it will withstand attacks from intruders.

The biggest user base: Nesus has approximately at least 50.000 users worldwide and there could potentially be even more, if the daily downloads of it are taken into account

Proven maturity: The first public release of Nessus was in 1998. The technology behind it has been extensively tested and perfected, on huge networks over time

What are the advantages and disadvantages of deploying Nessus in a corporate network environment?

The first advantage of Nessus is about its price in the market. The base desktop-scanning product is free for home use and inexpensive for commercial use. Another big advantage is that there are so many programmers that create plug-ins, tools and new vulnerability checks for this program because its open source and everyone can use it. In Nessus you can:

Review the source code of the main tool and any of the security checks to make sure that nothing "fishy" is going on.

Write your own vulnerability checks and incorporate them into the tool.

Although Nessus has many and critical advantages the biggest disadvantage is that it can’t compete with other products in the market that can handle regular coordinated scans. It doesn’t have centralized management. It can’t manage all of our scanning engines from one location. Another problem is its inability to provide role-based access to the scanning infrastructure so that no security personnel can use the application to scan certain networks for specific vulnerabilities. [3] Also because it’s free, it comes with no support, and that makes it pretty difficult to buy for companies. Lastly, it can’t handle meaningful reports so that makes it lack in a big part against the competition.

Conclusion

In this research, the nessus scanning program was introduced and thoroughly examined, within a discussion that posed some matters on the table. Someone was able to examine what is nessus within a network vulnerability auditing context, what are the main features of it, and finally what are its advantages and disadvantages when deploying it within a corporate network environment. With those questions answered, someone can clearly see why nessus is one of the best open source vulnerability scanning programs around, and why it is a great choice for big companies! A great addition to any network that respects itself!