
1/20/2013

NESSUS

Introduction
Nessus is a vulnerability scanning tool with a client-server architecture: the Nessus client connects to the server and provides it with information, and the server actually runs the scan. It can be used to detect thousands of well-known potential vulnerabilities on a remote host. It is commonly used by network administrators who want to keep their domains secured against the common vulnerabilities that malicious hackers and viruses often look to exploit.

Like nmap, Nessus performs a port scan on the target machine. However, whereas nmap only tells the user what is listening, Nessus can tell the user what is vulnerable. For example, it can perform various checks to determine which services are running on the remote host (e.g., Apache) and what their version numbers are (e.g., 2.2.2), and then check these against a database of known vulnerabilities that are present in those versions of the services (e.g., the mod_rewrite off-by-one error, CVE-2006-3747).
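
The version-to-database comparison described above, as an added Python example (not from the original slides and not Nessus's own code). The function names, the `VULN_DB` table and the sample banners are assumptions constructed for illustration; the table holds only the CVE the slide cites.

```python
import re

# Constructed sample knowledge base: inclusive affected-version ranges per product.
# The one entry is the CVE named on the slide; treat the ranges as sample data.
VULN_DB = [
    {"id": "CVE-2006-3747", "product": "apache",
     "summary": "mod_rewrite off-by-one error",
     "ranges": [((1, 3, 28), (1, 3, 36)),
                ((2, 0, 46), (2, 0, 58)),
                ((2, 2, 0), (2, 2, 2))]},
]

BANNER_RE = re.compile(
    r"^Server:\s*(?P<product>[A-Za-z]+)/(?P<version>\d+(?:\.\d+)*)", re.I)

def parse_banner(header_line):
    """Return (product, (major, minor, patch)) from a Server header, or None."""
    m = BANNER_RE.match(header_line.strip())
    if not m:
        return None
    parts = [int(p) for p in m.group("version").split(".")]
    version = tuple((parts + [0, 0, 0])[:3])  # pad "2.2" to (2, 2, 0)
    return m.group("product").lower(), version

def check_banner(header_line):
    """Return IDs of known vulnerabilities whose ranges include the banner version."""
    parsed = parse_banner(header_line)
    if parsed is None:
        return []  # no version disclosed, so nothing to compare
    product, version = parsed
    findings = []
    for entry in VULN_DB:
        if entry["product"] != product:
            continue
        if any(lo <= version <= hi for lo, hi in entry["ranges"]):
            findings.append(entry["id"])
    return findings

if __name__ == "__main__":
    # Constructed sample banners, as a scanner might collect them from a web port.
    for banner in ["Server: Apache/2.2.2 (Unix)",
                   "Server: Apache/2.2.3 (Unix)",
                   "Server: Apache"]:
        print(banner, "->", check_banner(banner) or "no version-based finding")
```

A banner match is a lead rather than a confirmation: vendors may backport fixes without changing the version string, and the affected module has to be in use on the host.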


Nessus does not actually perform any exploits; it only detects vulnerabilities. Nor does Nessus prevent attacks or make any attempt to correct the vulnerabilities: it is still up to the network administrator to patch them based on the guidance that Nessus provides.



An ounce of prevention is better than a pound of cure

