Announce : Nessus alpha2

From: Renaud (renaudat_private)
Date: Sun Apr 04 1999 - 04:21:03 PDT


    		
    	            T h e   N e s s u s   P r o j e c t
    			
    			
    		          http://www.nessus.org
    			
    			
    
    Paris, 4th April 1999. I am pleased to announce the availability of
    Nessus-alpha2, one year after the release of Nessus-alpha1.
    
    
    1. What is Nessus ?
    ------------------------------------------------------------------------
    
    	Nessus is a free, easy-to-use and open-sourced remote security
    scanner, distributed under the GPL, such as SATAN. Every security
    check is coded as an external plugin, thus making the product easier
    to upgrade / maintain / modify for your needs.
    Also, Nessus is made up of a client and a server. The server is in charge
    of the attacks, and the client is the frontend which is used to configure
    the tests and analyze the results.
    
    	This release (which is called alpha2 and not beta1 or 1.0 because
    a lot of features are still to be added) is stable and usable by everyone
    -- not just geeks or hackers (in the open-source meaning of the term of
    course).
    
    
    
    2. What are the new features of Nessus-alpha2 ?
    -------------------------------------------------------------------------
    
    	Nessus has many new features, mainly :
    	
    	
     - Intelligent remote service detection
    
     	Too many security scanners consider that all web servers run
    	on port 80, all FTP servers on port 21, and so on, so they
    	get quickly confused when facing a host which is running a
    	server on another port (like a web server on port 8080).
    	
    	And this is really annoying, is it not ? So many holes that
    	are left because they were on another port !
    	
    	Nessus will attempt to find out which service is running
    	on each port, and will launch its attacks according to the
    	result of its findings.
    	
     - Up-to-date vulnerability database
    
     	Nessus features 208 security checks, which may seem not enough
    	compared to commercial security scanners, but most of these
    	tests are new, that is, they have been published recently.
    	So Nessus is up-to-date, and the tests that are not done are
    	the older ones (which you must not forget to test, but which
    	are becoming rare)
    	
     - Advanced portscanning facilities
    
     	Nessus now performs several port scans, which can be combined to
    	get more efficient results.
    	The current scan techniques are :
    		TCP ACK, FIN, SYN, XMAS, Maimon, FTP bounce scan
    		UDP 'icmp unreachable' scan
    
     - Advanced security between the client and the server
    
    	The Unix client now communicates with the Unix server
    	over a ciphered communication layer.
    	
    	Also, the client authentication can now be done
    	via a public key exchange, thus securing even more
    	the use of the Nessus server
    	
     - Advanced and documented plugins API
    
     	Nessus now features a complete manual describing how easy it is
    	to write your own tests.
    	
    	It is now even possible to make a trivial GUI to your plugins,
    	thus making them more user-friendly and user-configurable.
    	
    	The plugins API features things like plugins dependencies,
    	plugins intercommunication, FTP functions and more. Also,
    	it solves the eternal problem of the headers to use when
    	dealing with raw sockets, structs tcphdr and all the like.
    	
     - More portable
    
     	Whereas Nessus-alpha1 was for Linux only, thanks to many
    	contributors, Nessus-alpha2 now compiles and runs under
    	all major BSD flavors, Linux, some flavors of Solaris,
    	IRIX and even SCO with some modifications
    
    	It has heavily been tested under FreeBSD 2.2.6 and 3.1,
    	Debian GNU/Linux and the Linux RedHat 5.2
    
     - No limitations (except a moral one)
    
     	Whereas most commercial security scanners limit the range of
    	IPs that you can test, Nessus, because it is free, gives you
    	the total freedom to do what you want with it. The only
    	limitation I ask you to observe is :
    	
    		'Do not test the computers that are not under your
    		 responsibility'
    		
     - Now supports CIDR addresses
    
     	You can now ask to test CIDR-noted addresses, like
    	192.168.2.2/29	(can you imagine I have waited so long
    	to implement this one ?)	
    		
    
     This is among all the other 'standard' features.
    	
    	
    3. Where to get it ?	
    -------------------------------------------------------------------------	
    
    
    (Required)	
      Before you download Nessus, make sure you have these two sets of
     libraries installed :
    
     	gmp 2.0.2 : available at ftp://ftp.gnu.org/pub/gnu/gmp/
    	gtk+      : available at  ftp://ftp.gimp.org/pub/gtk/v1.2/
     	(Nessus is compatible with GTK 1.0 to 1.2 included, but incompatible
    	with the first versions of GTK 1.1)
    
    
     The Nessus package is available here :
    
        (USA)     ftp://ftp.nessus.org/pub/nessus/nessus-release/
        (USA)     ftp://ftp.cis.fed.gov/pub/nessus/nessus-release/
        (France)  ftp://cvs.nessus.org/pub/nessus/nessus-release/
        (Germany) ftp://ftp.gwdg.de/pub/linux/misc/nessus/nessus-release/
    
    (Optional)
    
    	There are now several clients that can be used with Nessus.
       Note that the above package comes with the standard GTK client.
    
     + NessusW is a Win32 client written by Noam Rathaus <dolittleat_private>
       and Aviram Jenik <aviramat_private>, of the SecuriTeam
       (http://www.securiteam.com). It is available at :
    
       (USA)     ftp://ftp.nessus.org/pub/nessus/clients/
       (USA)     ftp://ftp.cis.fed.gov/pub/nessus/clients/
       (France)  ftp://cvs.nessus.org/pub/nessus/clients/
       (Germany) ftp://ftp.gwdg.de/pub/linux/misc/nessus/clients/
    
    
     + Net::Nessus is a perl module which handles the communication
     with the server and which has been written by
     Jochen Wiedmann <joeat_private>. It is available at
    
       ftp://ftp.funet.fi/pub/languages/perl/CPAN/authors/id/JWIED/
    
      ... and the various CPAN mirrors.
    
     + NessusJ is a Java client written by Alexis de Bernis, a new version
     of which is to be released soon.
      	      	
    4. The Nessus project web resources				
    -------------------------------------------------------------------------
    
      The project home page : http://www.nessus.org
      			 			
      The development page : http://cvs.nessus.org
    
      The mailing list page : http://list.nessus.org
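
Added example, not part of the original announcement and not Nessus code: what the CIDR-noted target 192.168.2.2/29 from section 2 expands to, and a check of that expansion against a list of networks you are responsible for. The function names, the address cap and the authorized list are assumptions made for this example; it lists every address in the block, since the announcement does not say how Nessus treats the first and last address.

```python
import ipaddress

MAX_ADDRESSES = 4096  # assumed safety cap for this example, not a Nessus setting


def expand_target(target):
    """Expand a CIDR-noted target into (network, list of addresses).

    strict=False masks the host bits, so "192.168.2.2/29" is read as the
    block that contains 192.168.2.2, not rejected as a malformed network.
    """
    net = ipaddress.ip_network(target, strict=False)
    if net.num_addresses > MAX_ADDRESSES:
        raise ValueError(f"{net} has {net.num_addresses} addresses, over the cap")
    return net, [str(addr) for addr in net]


def out_of_scope(target, authorized):
    """Return the addresses in target that no authorized network covers."""
    _, addresses = expand_target(target)
    allowed = [ipaddress.ip_network(a) for a in authorized]
    return [a for a in addresses
            if not any(ipaddress.ip_address(a) in n for n in allowed)]


if __name__ == "__main__":
    net, addrs = expand_target("192.168.2.2/29")
    print(net, addrs[0], "to", addrs[-1])
    # Constructed scope list: only the lower /30 is assumed to be authorized.
    print(out_of_scope("192.168.2.2/29", ["192.168.2.0/30"]))
```

An empty result from out_of_scope means every address in the target falls inside a network on the authorized list.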
    


