Nessus 3.2 Now Available!
Tenable Network Security is proud to announce the availability of Nessus 3.2.0, as well as NessusClient 3.2.0. Nessus 3.2.0 is a major release, containing several changes from Nessus 3.0.x :
New Features
- Support for IPv6 targets (for the Linux, FreeBSD, Solaris and Mac OS X flavors)
- Support for limiting the number of active TCP sessions in parallel (per host, per scan, per scanner)
- A new nessuscmd tool that lets one run quick scans from the command-line
- A new nessus-update tool that lets one update the Nessus engine from the command-line (on select platforms)
- The Nessus daemon can now detect hosts which are being turned off during the scan and stop scanning them
- The Nessus daemon can now detect when the network is congested and change the TCP settings appropriately
- Nessus user account access control rules are now more granular and can be used to prevent the scanner from connecting to certain ports or to use certain plugins
- The nessus command-line tool can read and write to and from a .nessus file
- Improved WMI support (see http://cgi.tenablesecurity.com/tenable/WMI.html)
Improvements
- New nasl functions can dynamically alter the plugin selection
- Improved memory management by NASL scripts
- Support for more SSH ciphers (AES-128/AES-192/AES-256/3DES)
- Improved service detection -- a new service detection plugin (find_service.nasl) replaces the old find_service.nes
- On Unix systems, the initial plugin processing now takes advantage of multi-core CPUs
- nessusd.rules now let you tune which plugins are forbidden for a scan, and which ports can or can't be connected to
Improvements to the Nessus TCP Scanner
- Simplified preferences -- a new cursor option (firewall detection) lets the user better tune the scanner when running against a firewall or a slow link
- Improved RTT estimation and congestion detection by regularly probing unfiltered ports
Windows Specific changes
- NessusGUI.exe has been removed in favor of NessusClient.exe which is now bundled with the installer
- It is now possible to authenticate the clients via SSL certificates
- KB saving and other options common to the UNIX version of Nessus are supported on the Windows platform
- Installer now lets the user decide which components to install (server, client or both)
- When the scanner is registered with either a Direct or Registered feed, it will automatically fetch and process the new updates from nessus.org every 24 hours
Mac OS X Specific changes
- Nessus Client 3.2 includes a fixed a memory leak that occurred in the 3.0 version
- Nessus 3.2.0 now is a real universal binary
Linux platforms
Nessus 3.2 is now available for the following Linux platforms :
- Debian 4 (i386 and amd64)
- Fedora 7 (i386)
- Fedora 8 (i386)
- Red Hat Enterprise Linux 3, 4 and 5 (i386)
- Red Hat Enterprise Linux 5 (x86_64)
- SuSE Linux 9.3 and 10.0 (i386)
NessusClient 3.2.0 specific changes
- A new 'network' tab when editing a policy, lets the user control some Nessus 3.2 specific options such as maximum TCP sessions.
- Fixed several bugs which might cause the client to crash in the middle of a scan.
- Opening a large .nessus file in the client now takes less time.
For more Information
Nessus 3.2.0 can be obtained at http://www.nessus.org/
Feedback and bug reports can be sent to http://bugs.nessus.org/
Demo videos of Nessus 3.2, including an 12 minute introduction video for new users, are available online.
Nessus documentation is available here: http://www.tenablesecurity.com/documentation/
Related Articles
- Nessus