Nessus 5.2 a major release in the wild (enhanced post-scan analysis tools)

(source : nessus blog & data sheet)

Nessus® is the industry’s most widely-deployed vulnerability and configuration assessment product. Nessus features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, patch management integration, and vulnerability analysis of your security posture. Fueled by Nessus ProfessionalFeed®, a continuously-updated library with
more than 50,000 individual vulnerability and configuration checks, and supported by an expert vulnerability research team, Nessus delivers accuracy to the marketplace. Nessus scales to serve the largest organizations and is quick-and-easy to deploy.

Nessus Scanning Capabilities:
• Accurate, high-speed asset discovery
• Compliance auditing: FFIEC, FISMA, CyberScope Reporting Protocol, GLBA, HIPAA/HITECH,
• Configuration auditing: CERT, CIS, COBIT/ITIL, DISA STIGs, FDCC, IBM iSeries, ISO, NIST, NSA
• Patch auditing: Includes patch management integration with IBM® TEM for Patch
Management, Microsoft® SCCM and WSUS, Red Hat® Network Satellite Server, and
VMware® Go
• Control systems auditing: SCADA systems, devices, and applications
• Sensitive content auditing: PII (credit card numbers, SSNs) and intellectual property
• Mobile device auditing: Lists iOS, Android™, and Windows Phone 7 devices accessing the
network and detects mobile vulnerabilities
• Vulnerability scanning for:
–– Network devices: Juniper, Cisco, firewalls, printers, and more
–– Virtual hosts: VMware ESX, ESXi, vSphere, vCenter
–– Operating systems: Windows, Mac, Linux, Solaris, BSD, Cisco iOS, IBM iSeries
–– Databases: Oracle, SQL Server, MySQL, DB2, Informix/DRDA, PostgreSQL
––Web applications: Web servers, web services, OWASP vulnerabilities
–– Compromise detection: Viruses, malware, backdoors, hosts communicating with botnetinfected
systems, web services linking to malicious content
• Credentialed scanning detects local vulnerabilities and conditions
• Uncredentialed network-based scanning finds new hosts and vulnerabilities
• Certified SCAP vulnerability scanner

Nessus Release 5.2 is a major release (moving from 5.0.3 to 5.2.0) and includes several new features and enhancements, including:

  • IPv6 is now supported on all platforms (including Windows)
  • Nessus server support for Windows 8 and Windows 2012
  • Add attachments within scan result reports
  • Mac OS X preference pane
  • Digitally-signed Nessus RPM packages for supporting distributions
  • Smaller memory footprint and reduced disk space usage
  • Faster, more responsive web interface (uses less bandwidth)
  • No longer need to visit the Tenable website for an activation code!

Several key features are described in detail below, including examples of the new MAC OS X preference pane and the new attachments feature:

Add Attachments to Scan Results

Information collected during the scan can now be included in the results as an attachment. The first iteration of attachments will be screenshots, but any attachment type can be included.

Remote Desktop Protocol (RDP)

If Nessus discovers Remote Desktop Protocol on a target, a screenshot is taken. This can reveal information such as the operating system version and the currently-logged-on user.


If Nessus discovers a target is running VNC without a password to restrict access, a screenshot is included in the results. The above example shows the system using a web browser to visit the website.


For Internet-connected web servers, Nessus will take a screenshot of the website as if you visited the website using a web browser. This feature is useful to identify the applications you are testing, including making sure you are testing the correct virtual host.

Mac OS X Preference Pane

The addition of a Nessus server preference pane in OS X allows the user to stop and start the Nessus server process and configure whether or not Nessus is started at boot time.

NJ Ouchn

"Passion is needed for any great work, and for the revolution, passion and audacity are required in big doses"