Thursday, September 22, 2011

What the hell is Nessus? Fast overview

Today we will write about Nessus, which is (from my point of view) the best vulnerability scanner.

There are many network scanners:
 * nmap: a very simple command line network scanner.
 * wireshark: a network sniffer, GUI and command line.
 * airodump: wireless scanner.
 * airsnort: an old wireless scanner.


There are many scanners, but none of them reaches the level of Nessus. This is my favourite one :)
Why?

Nessus is a free vulnerability scanner. You can use it through the GUI or from the command line, no problem.

Nessus works as client <-> server. In short, our Nessus server does the work that we launch from the Nessus client.

The GUI client interface is very friendly and easy-to-use.
The command line has a powerful engine that allows us to integrate Nessus with the Metasploit framework (we will talk about the Metasploit framework in later posts).

Once it is installed, up and running, we have a "light" version of Nessus, with only a few plugins available.

We have to go to the Nessus website and register our Nessus. (I assume we are NOT a company, just home users; companies should buy an enterprise version of Nessus.)

After registering our Nessus server, we can download all of the plugins and fully update our Nessus engine.
Then we will have our Nessus engine ready to run.

So, what are these plugins for?

Plugins are working modules used to detect vulnerabilities; each one is dedicated to some type of vuln. You should therefore keep your plugins updated in order to have the best vuln detection.

Nessus works in a three-module manner:

- Policies: policies are used to define the scanner behavior, which IPs will be scanned...
- Scanners: this is the main Nessus function; a scanner is a "policy running".
- Reports: a report is created after the scanner runs. It is the output of the scanner, listing all the vulns detected and the exploit, if one is available.


Those reports can be read by Metasploit, to execute commands like "db_autopwn" :)


"We are legion"

4 comments:

  1. Fran, this is an incredible explanation of Nessus. I have read all your posts and you know my opinion about your explaining methods. =D
    "We don't forget, We are legion"

    1. Hi Chusty,

      I've resumed my blog writing.

      Hope u enjoy it.

  2. "nmap: a very simple command line network scanner."

    You should update your info:
    http://nmap.org/nsedoc/

    1. I think my info is ok.
      I didn't wanna say Nmap is simple, I mean "Nmap is easy-to-use"

      Right?
