Nessus Version 4 Released

Tenable is pleased to announce the release of Nessus version 4! This blog post highlights some of the enhancements and new features available in Nessus 4.0. One of the most notable features is the ability to create custom XSLT reports based on your scan results. Nessus now also supports a fully multi-threaded scanning engine, which is improves performance and decrease your scan times. Nessus ProfessionalFeed and HomeFeed customers can upgrade to the latest version by visiting the Nessus Web Site. Please review the updated Nessus 4.0 Installation Guide and NessusClient 4.0 User Guide for installation and upgrade instructions and a complete list of new functionality and features. The following is a highlight of some of the features and improvements:

Nessus Engine

• Uses the same engine on Windows and Unix-based systems for a unified experience on all platforms and more consistent results
• Fully thread-based (as opposed to process based) for better scalability and reduced memory usage
• Performance improvements to reduce CPU usage on all platforms

Port scanners

• Local and remote port scanners can now be combined. For example, if you select the Nessus SYN scanner and the netstat WMI portscanner , Nessus will try to log in via WMI to enumerate the ports first, then to fall back to the SYN scanner
• The TCP SYN port scanner has been rewritten entirely and operates the same between Windows and Unix-based systems
• Native UDP port scanner (ProfessionalFeed Only)

Compliance Checking

• The database compliance checks can now log into MSSQL over SSL
• The PCI-DSS plugins are now fully supported

NASL (Nessus Attack Scripting Language)

• Added support for Perl Compatible Regular Expressions (PCRE) to NASL
• NASL scripts can now share results between hosts via a global knowledgebase
• New NASL functions (XML parsing, the bignum library, new packet forgery functions, new socket-related functions and more)

NessusClient

• Support for XLST transformations of the reports - This is one of the most exciting features and will be described in more detail in upcoming blog posts.
• The ability to export a .nessus file based on a filtered report
• Unlimited number of filters for the NessusClient on Windows and Unix-based systems

Cross-Platform

• No external libraries are required, eliminating the need to tamper with your system configuration in /etc/ld.so.conf
• Added support for the newest Linux distributions (Debian 5, Fedora 10, etc.)
• New "linux-generic32" and "linux-generic64" builds for additional linux distributions
• 64-bit native builds of Nessus/NessusClient for FreeBSD, Windows and Linux
• All the Unix command-line tools (e.g., nessus-fetch, 'nessus', nessuscmd) now also run on Windows

Additional Resources

• Nessus Documentation
• Nessus ProfessionalFeed
• Nessus 4 FAQ

Please contact Tenable Support ([email protected]) for any questions regarding the upgrade to Nessus 4. Please contact the Tenable sales staff ([email protected]) if you are interested in evaluating or upgrading to Nessus 4.