Nessus 4 has been released
Posted on 09 April 2009.
Tenable released version 4 of the Nessus vulnerability scanner. Nessus is the world-leader in active scanners, featuring high speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture.

One of the most notable features of Nessus 4 is the ability to create custom XSLT reports based on your scan results. Nessus now also supports a fully multi-threaded scanning engine, which is improves performance and decrease your scan times.

The following is a highlight of some of the features and improvements:

Nessus engine
  • Uses the same engine on Windows and Unix-based systems for a unified experience on all platforms and more consistent results
  • Fully thread-based (as opposed to process based) for better scalability and reduced memory usage
  • Performance improvements to reduce CPU usage on all platforms.
Port scanners
  • Local and remote port scanners can now be combined. For example, if you select the Nessus SYN scanner and the netstat WMI portscanner , Nessus will try to log in via WMI to enumerate the ports first, then to fall back to the SYN scanner
  • The TCP SYN port scanner has been rewritten entirely and operates the same between Windows and Unix-based systems
  • Native UDP port scanner (ProfessionalFeed Only).
Compliance checking
  • The database compliance checks can now log into MSSQL over SSL
  • The PCI-DSS plugins are now fully supported.
NASL (Nessus Attack Scripting Language)
  • Added support for Perl Compatible Regular Expressions (PCRE) to NASL
  • NASL scripts can now share results between hosts via a global knowledgebase
  • New NASL functions (XML parsing, the bignum library, new packet forgery functions, new socket-related functions and more).
NessusClient
  • Support for XLST transformations of the reports - This is one of the most exciting features and will be described in more detail in upcoming blog posts.
  • The ability to export a .nessus file based on a filtered report
  • Unlimited number of filters for the NessusClient on Windows and Unix-based systems.
Cross-platform
  • No external libraries are required, eliminating the need to tamper with your system configuration in /etc/ld.so.conf
  • Added support for the newest Linux distributions (Debian 5, Fedora 10, etc.)
  • New "linux-generic32" and "linux-generic64" builds for additional linux distributions
  • 64-bit native builds of Nessus/NessusClient for FreeBSD, Windows and Linux
  • All the Unix command-line tools (e.g., nessus-fetch, 'nessus', nessuscmd) now also run on Windows.





Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //