Nessus 3.2 released

Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

New Features

  • Support for IPv6 targets (for the Linux, FreeBSD, Solaris and Mac OS X flavors)
  • Support for limiting the number of active TCP sessions in parallel (per host, per scan, per scanner)
  • A new nessuscmd tool that lets one run quick scans from the command-line
  • A new nessus-update tool that lets one update the Nessus engine from the command-line (on select platforms)
  • The Nessus daemon can now detect hosts which are being turned off during the scan and stop scanning them
  • The Nessus daemon can now detect when the network is congested and change the TCP settings appropriately
  • Nessus user account access control rules are now more granular and can be used to prevent the scanner from connecting to certain ports or to use certain plugins
  • The nessus command-line tool can read and write to and from a .nessus file
  • Improved WMI support (see http://cgi.tenablesecurity.com/tenable/WMI.html)

Improvements

  • New nasl functions can dynamically alter the plugin selection
  • Improved memory management by NASL scripts
  • Support for more SSH ciphers (AES-128/AES-192/AES-256/3DES)
  • Improved service detection — a new service detection plugin (find_service.nasl) replaces the old find_service.nes
  • On Unix systems, the initial plugin processing now takes advantage of multi-core CPUs
  • nessusd.rules now let you tune which plugins are forbidden for a scan, and which ports can or can’t be connected to

Improvements to the Nessus TCP Scanner

  • Simplified preferences — a new cursor option (firewall detection) lets the user better tune the scanner when running against a firewall or a slow link
  • Improved RTT estimation and congestion detection by regularly probing unfiltered ports

Windows Specific changes

  • NessusGUI.exe has been removed in favor of NessusClient.exe which is now bundled with the installer
  • It is now possible to authenticate the clients via SSL certificates
    KB saving and other options common to the UNIX version of Nessus are supported on the Windows platform
  • Installer now lets the user decide which components to install (server, client or both)
  • When the scanner is registered with either a Direct or Registered feed, it will automatically fetch and process the new updates from nessus.org every 24 hours

Mac OS X Specific changes

  • Nessus Client 3.2 includes a fixed a memory leak that occurred in the 3.0 version
  • Nessus 3.2.0 now is a real universal binary

Linux platforms

Nessus 3.2 is now available for the following Linux platforms :

  • Debian 4 (i386 and amd64)
  • Fedora 7 (i386)
  • Fedora 8 (i386)
  • Red Hat Enterprise Linux 3, 4 and 5 (i386)
  • Red Hat Enterprise Linux 5 (x86_64)
  • SuSE Linux 9.3 and 10.0 (i386)

NessusClient 3.2.0 specific changes

  • A new ’network’ tab when editing a policy, lets the user control some Nessus 3.2 specific options such as maximum TCP sessions.
    Fixed several bugs which might cause the client to crash in the middle of a scan.
  • Opening a large .nessus file in the client now takes less time.

Post scriptum

Compliance Mandates

  • Vulnerability Management :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Related Articles

Nessus
Vulnerability Management
Vulnerability Scanner