Nessus is an active vulnerability scanner. It is a client and server software. Currently it is available for several platforms :
- Linux: Fedora 10 (i386 and x86-64), Red Hat Enterprise 4 & 5 (i386 and x86-64), CentOS 4 & 5, SuSE 9.3 & 10, Debian 5 (i386, amd64), Ubuntu 8.04 (i386, amd64), Ubuntu 8.10 (i386, amd64)
- FreeBSD : FreeBSD 7 (i386)
- Solaris : Solaris 9 & 10 (sparc)
- Mac OS X: Mac OS X 10.4 and 10.5 (intel & ppc)
- Windows: Windows XP, 2003, Vista and 2008
In Nessus, all the security checks are done by plugin. It is written in NASL (Nessus Attack Scripting Language). There are currently 25638 different plugins used by Nessus, covering local and remote flaws.
Because new vulnerabilities are found everyday, then you need to update your plugin. Currently, there are two ways to update your vulnerability database, automatically or manually. If you have always-on connection to the Internet, automatic Nessus database update is the preferred method. Otherwise, you can use the manual way.
For the manual method, here is the command to update your Nessus plugins :
After several time, depending on your Internet connection speed, the update process is done.
Next, you might want to check your Nessus Plugin Feed version, to make sure that you have update it correctly. In Nessus version 3, the Plugin Feed information is stored in a file named plugin_feed_info.inc under your Nessus directory (/opt/nessus/lib/nessus/plugins/).
To view the information, just do “cat” onto that file :
# cat /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc PLUGIN_SET = "200904162134"; PLUGIN_FEED = "HomeFeed (Non-commercial use only)";
Here is the screenshot :