Advertisement
Home arrow Test Drive arrow Nessus Win32: Ready for prime time?
Thursday, 20 November 2008
  
 
Last week attacks
O.S.  Defs.  %
Linux  7087  74.20%
Win 2003  1521  15.93%
Solaris 9/10  319  3.34%
Win 2000  305  3.19%
FreeBSD  164  1.72%
Other  155  1.62%

Total attacks: 9551 of which 3553 single ip and 5998 mass defacements

Main Menu
Home
Digital Warfare
Geopolitics
ITsec News
ITsec Advisories
Test Drive
360°
Digital Attacks Archive
Zone-H events
Publications
Zone-H Friends/Partners
Contact Us
Search
Download Area
Zone-H forum
About this website
Login Form





Lost Password?
No account yet? Register
Visitors' Map
Nessus Win32: Ready for prime time? PDF Print E-mail
User Rating: / 12
PoorBest 
Monday, 12 June 2006

The long awaited Nessus v3 is now available for Win32. Zone-H had a first hand look, and feel a fair and honest review would be a nice feature for our readers. Nessus has always been the first choice in vulnerability scanning for many years [ at least for *nix systems ].

Support for Windows has been nearly non existent, save for a few attempts by a few individuals and a dedicated port by Cenzic based on the older GPL v2 license. With Tennable's  stance regarding distribution, source code availability and a "delay or pay" approach to plugin availability,  Nessus Direct Feed Subscription .

Apart from the licensing issues, we now focus on usability, features and scanning of the new Nessus for Win32...

Setup & nessusd:

After running the installer and rebooting, starting Tennable's Nessus v3, you are presented with a modern looking GUI.


 

 

 

 

 

 

 

 

 

 

 

The nessusd daemon is automatically installed as a service on setup. Control is via the nessusd[aemon] service  applet and you should set your preferred listening IP depending if you wish to connect to localhost, which is the default, or remotely.

 

 

 

 

 

 

 

 

 

There is a plugin update, accessible via the GUI, that launches a windows <update.jpg> applet [a CLI version is also available]. udating plugins was fast and free of clitches. Connecting to the server via the gui was painless and no user credentials are needed if you are using the service on the localhost.


While this is not a Win32 vs *nix comparison the Win32 nessusd server component performed well and was quite speedy in scanning and loading of the plugins on startup. If you however need to connect to and use the win32 nessusd from a linux client, we are happy to report what appears to be full compatibility.

Back to that GUI...Nessus Client: for those familiar with Tennable's prior pay-only product Newt, you will be at ease and comfortable with the look and feel. For those jumping from traditional GTK front ends found on other platforms, you may experience some frustration in regards to the GUI. [ more on that in a minute]. Now we don't want to "look a gift horse in the mouth", as this is a freeware product, but there are some shortcomings, at least in our opinion of what could have been a stellar well rounded product.

The main thing here is that if you are going to release a new version of a product, especially something long awaited like a freeware Nessus for Windows, please do not stick a feature limited clone of your previous "for sale" product ( NEWT ) in its place. At the very least provide something more than just a re-skin. Our issue here come from one clear fact: the old windows freeware client,  NessusWX simply blows it away. [as well as the Linux variants, but we are focusing on the Win32 version]

While having an addressbook  feature, Nessus does not automaticaly add hosts, or provide an option to do so, which would be a nice feature. Other oddities aside, let's step through the rest of things, and get the nitpicking over with.


When selecting plugins you get this illogical help: "Note: You can either select plugins by family, or click family name first, then select plugins." One suggestion here, having a few pre-defined policies would be a nice feature to ease the building of different policy templates for common types of systems and scanning types. Currently it is only an all-or-nothing approach to plugins, and with over 11,000 plugins available, having to eliminate many esoteric testsfor equally esoteric applications and services is simply a pain to configure and equally a waste of productivity.


Alternate clients have generally had a plugin search feature, which comes in very handy considering the large plugin base.

Reporting in v3 is limited to html/xml, linux and 3rd party clients have had a wide support for other formats, including LaTeX, PDF and straight ASCI. The reports were easy to read and interpet, including vulnerabilities found and remediation links and suggestions.


Conclusions:

Overall, and especially the daemon for Win32, finally, Nessus is a welcome addition to what is a small pool of vulnerability testing suites for the platform. We can only hope that they can bring the client up to par in future releases. The client is really where most of the issues are, especially in regards to flexibility and lack of multiple report export options.


Comments Index (Total Messages: 0)


Post Reply
Name:Guest
Title:
Comment:



Enter this security word

Powered by a Zone-H(ified) version of AkoComment 3.0!


DISCLAIMER: Forum postings are the opinion of the posting author alone, and should not be taken as the opinion of Zone-h. The   author is entirely and solely responsible for all content that he/she uploads, posts, or otherwise transmits via the website. Zone-h is not responsible for such content. However, Zone-h shall have the right, but not the obligation, to delete, move, or edit any content that violates this agreement or is otherwise objectionable as determined by Zone-h in its sole discretion and without notice.
 
< Prev   Next >
[ Back ]
 
Top!
© 2008 Zone-H.org - Unrestricted Information
Joomla! is Free Software released under the GNU/GPL License.
 Top!