Professional Documents
Culture Documents
Nessus
Nessus
NESSUS
Introduction
A vulnerability scanning tool Is a client-server architecture. The Nessus client connects to the server, provides it with information, and the server actually runs the scan It can be used to detect thousands of well-known potential vulnerabilities on a remote host Is commonly used by network administrators who want to keep their domains secured against these common vulnerabilities that malicious hackers and viruses often look to exploit.
1/20/2013
Introduction
1/20/2013
Similarly to nmap, Nessus performs a port scan on the target machine. Nmap only tells user what's listening, Nessus can tell user what's vulnerable. For example, it can perform various checks to determine which services are running on the remote host (e.g., Apache), what their version numbers are (e.g., 2.2.2), and then checking against a database of known vulnerabilities that are present in those versions of the services (e.g., mod_rewrite off-by-one error, CVE-20063747).
Introduction
1/20/2013
Nessus does not actually perform any exploits - it only detects vulnerabilities. Neither does Nessus prevent attacks or make any attempts to correct the vulnerabilities - it is still up to the network administrator to patch these vulnerabilities based on the guidance that Nessus provides
Introduction
1/20/2013
Similarly to nmap, Nessus performs a port scan on the target machine. However, whereas nmap only tells user what's listening, Nessus can tell user what's vulnerable. For example, it can perform various checks to determine which services are running on the remote host (e.g., Apache), what their version numbers are (e.g., 2.2.2), and then checking against a database of known vulnerabilities that are present in those versions of the services (e.g., mod_rewrite off-by-one error, CVE-20063747).
Introduction
1/20/2013