Nessus: Definition, Architecture and Features

What is Nessus?

Nessus is a proprietary vulnerability scanner developed by Tenable Inc. Nessus is an open source (under GPL license) network vulnerability scanner that has a database of common vulnerabilities which is matched with the vulnerabilities of the system. Nessus works by testing each port on the server/computer and then finding any potential vulnerabilities.

Nessus

Architecture of Nessus

1. Modular Architecture

It provides flexibility to the tester to deploy the scanner and connect to the client from any machine with a web browser.

2. Plugin Architecture

It provides flexibility to the tester to add plugins and groups into one of 42 families. Through this, users can easily add their test by selecting specific plugins.

Features of Nessus

  1. Nessus is written in NASL language which is Nessus Attack Scripting Language which is designed specifically to write security tests easily and quickly.
  2. Nessus has an inbuilt feature of auto-updating its database which helps to update and disclose new vulnerabilities.
  3. Nessus can test multiple hosts simultaneously.
  4. Nessus does not expect the target hosts to follow IANA-assigned port numbers.
  5. If two or more servers run on the same host but on different network ports then Nessus will identify and test all of them.
  6. Nessus categorizes vulnerabilities based on the informational risk level, low medium, high and critical.
  7. Nessus allows you to add extra plugins as per need.
  8. Nessus will also tell which plugin should or should not be used against a remote host.
  9. Certain checks may prove to be detrimental for some networks. For avoiding service failure, enable the "safe check" option in Nessus.
  10. Nessus is fully supported on all major operating systems like windows, Linux, Mac OS, etc.
  11. Nessus can be easily integrated with tools like Nmap and Nikto.
  12. Nessus allows the user to take the report in pdf, HTML, etc format.
  13. Nessus can also detect missing security updates and patches.

Disadvantages of Nessus

  1. Hard to configure for beginners.
  2. The free non-commercial license is limited to up to 16 IP addresses that must be within the same household.
  3. Limited support for ubuntu, Fedora core, Free BSD, and Debian.
Click here to know more about Nessus.

Popular Posts

Conducting Polymers: Definition, Examples, Properties and Applications

Image
What are Conducting Polymers? As the name suggests organic polymers that conduct electricity are known as conducting polymers. They are also known as intrinsically conducting polymers (ICPs) and they have alternating single and double bonds along the polymer backbone (conjugated bonds) or that are composed of aromatic rings such as Phenylene, naphthalene, anthracene, pyrrole, and thiophene which are connected through carbon-carbon single bonds. Examples: Polyacetylene, Polypyrrole, Polyaniline, etc What is the reason behind conducting nature of these polymers? Conducting polymers comes in two forms that are doped conducting polymers and non-doped conducting polymers. The conductivity of non-doped conjugated polymers is due to the existence of a conductivity band similar to a metal. In a conjugated polymer, three of the four valence electrons form strong sigma bonds through sp² hybridization where electrons are strongly localized. The remaining unpaired electron of each carbon atom re
Read more

Crime Scene: Definition, Types and Characteristics

Image
What is a Crime Scene ? A place where the crime is committed or where the maximum physical evidence related to crime is found is known as a crime scene. A crime scene is a starting point of the investigation which provides information about the suspect and the victim. This helps to reconstruct the crime and fast resolution of the case. It is noted that the crime scene is not limited to a single place but may extend to a wider area depending upon the nature of the crime committed. For example, In a murder case where murder is done at one place and the body is disposed on another place. In this case, we have two crime scenes that give information about the crime. Types of Crime Scene Based on evidence found on the crime scene: 1. Primary Crime Scene The crime scene where the actual crime occurred or where more usable pieces of evidence were found is known as the primary crime scene. For example, A murder scene, theft, assault, etc. 2. Secondary Crime Scene The crime scene which is some
Read more

Raman Spectroscopy: Principle, Instrumentation and Applications

Image
What is Raman Spectroscopy? Raman spectroscopy was given by an Indian Physicist Sir C.V Raman , which is based on inelastic scattering of monochromatic light with the sample. The resulting light will have a different frequency than incident light due to this inelastic scattering.  This technique is widely used to analyze vibrational, rotational, and other low-frequency interactions in the molecule. This significantly helps in the elucidation of molecular structure, identifying functional groups, etc. Principle of Raman Spectroscopy Raman spectroscopy is based on the inelastic scattering of electromagnetic radiation with the molecule. We have two types of scattering that are elastic and inelastic scattering.  Elastic scattering obeys the Rayleigh law that states that there will be no loss of energy and momentum of the incidence radiation and scattered radiation. That's why this scattering is also known as Rayleigh scattering. Whereas, there will be some conditions (1 in million
Read more