Mailing List Archive

Various Nessus-related news
Lots of news:

1. Nessus 2.0.9 released
2. NeWT 1.0 released
3. Scanning your Windows domain with Nessus
4. Forums on Nessus.org


1. Nessus 2.0.9 released
----------------------------------------------------------------------------

Nessus 2.0.9 has been released. This new release should mostly be useful
to BSD users, however some tests seem to show that it induces a lighter load
on Linux systems as well.


The main changes in this new release are:

. Changes by Michel Arboi:

- Added functions in libnasl (join_multicast_group(), unixtime(), and
  more...)
- Fixed a possible fd leak in send_packet()
- SSL connections now use non-blocking sockets

. Changes by Pavel Kankovsky:

- Minimize the number of pixmaps that need to be created in the Nessus
  client by re-using them

. Changes by Renaud Deraison:

- The bpf sharing system now works fine on BSD systems, so Nessus
  now only requires one /dev/bpf to work correctly, no matter how many
  hosts are being tested
- Minor bug fixes
- Fixed a bug in tcp_ping() that would make some probes have a source
  port set to 0



As I wrote, the main improvement is to have a real bpf sharing system.
In a nutshell, on BSD systems (Free/Open/NetBSD and MacOS X), when you want
to read packets from the network directly (ie: to read the replies to the
forged packets), you have to use the Berkeley Packet Filter (/dev/bpf), which
is a fast and reliable interface to do so.

The problem is that each process which wants to read data from /dev/bpf has
to open its own. Since a typical BSD system ships with very few of them
(only four on MacOS X), Nessus would sometimes fail to read raw packets. One
of the biggest symptoms so far was to have Nessus proudly tell you that your
fully populated class C had no live host on it.

The solution which has been implemented is to add a bpf sharing module.
Basically, plugins that need to read packets from the network "subscribe"
to the module and send it the filter they want the packets to match, and
in return the bpf sharing module forwards the matching packets to these
plugins. This creates little overhead compared to a traditional in-kernel bpf,
and the end result is that Nessus now only needs one /dev/bpf per network
interface in use.
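To make the subscribe/forward design above concrete, here is an added example
(written for this page, not code from Nessus) of a user-space capture sharing
module: one owner holds the single capture handle, plugins subscribe with a
filter, and every frame read from that handle is forwarded to each subscriber
whose filter matches. The frames below are constructed in-line instead of being
read from /dev/bpf, and the filter is a simple header predicate rather than
compiled BPF bytecode; both are assumptions made for the example.

```python
"""Added example (not Nessus source): a user-space capture sharing module in
the spirit of the bpf sharing system described in the post.

Assumptions (not from the original post): frames are constructed in-line
instead of being read from /dev/bpf, and a filter is a header predicate
rather than compiled BPF bytecode."""
import itertools
import socket
import struct

ETH_P_IP = 0x0800
IPPROTO_ICMP, IPPROTO_TCP, IPPROTO_UDP = 1, 6, 17


def ip_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement checksum over the IPv4 header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_frame(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Ethernet + IPv4 frame carrying `payload` (constructed test input)."""
    eth = b"\x02" * 6 + b"\x02" * 6 + struct.pack("!H", ETH_P_IP)  # dummy MACs
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234, 0, 64,
                     proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]
    return eth + ip + payload


def parse_frame(raw: bytes):
    """Decode the fields a filter can match on; None for non-IPv4 frames."""
    if len(raw) < 34 or struct.unpack("!H", raw[12:14])[0] != ETH_P_IP:
        return None
    ihl = (raw[14] & 0x0F) * 4
    hdr = {"proto": raw[23],
           "src": socket.inet_ntoa(raw[26:30]),
           "dst": socket.inet_ntoa(raw[30:34])}
    l4 = raw[14 + ihl:]
    if hdr["proto"] in (IPPROTO_TCP, IPPROTO_UDP) and len(l4) >= 4:
        hdr["sport"], hdr["dport"] = struct.unpack("!HH", l4[:4])
        if hdr["proto"] == IPPROTO_TCP and len(l4) >= 14:
            hdr["tcp_flags"] = l4[13]
    elif hdr["proto"] == IPPROTO_ICMP and len(l4) >= 1:
        hdr["icmp_type"] = l4[0]
    return hdr


def match(**fields):
    """Filter predicate: match(proto=IPPROTO_ICMP, src="192.168.1.5") plays
    the role of a tcpdump-style "icmp and src host 192.168.1.5"."""
    return lambda hdr: all(hdr.get(k) == v for k, v in fields.items())


class BpfShare:
    """Single owner of the capture handle; fans frames out to subscribers."""

    def __init__(self):
        self._subs = {}            # subscriber id -> (predicate, pending frames)
        self._ids = itertools.count(1)

    def subscribe(self, predicate) -> int:
        sid = next(self._ids)
        self._subs[sid] = (predicate, [])
        return sid

    def unsubscribe(self, sid: int) -> None:
        self._subs.pop(sid, None)

    def dispatch(self, raw: bytes) -> int:
        """Called once per frame read from the shared handle; returns how many
        subscribers it was forwarded to (each frame is parsed only once)."""
        hdr = parse_frame(raw)
        if hdr is None:
            return 0
        delivered = 0
        for predicate, pending in self._subs.values():
            if predicate(hdr):
                pending.append(raw)
                delivered += 1
        return delivered

    def read(self, sid: int):
        """Drain the frames queued for one subscriber."""
        _, pending = self._subs[sid]
        frames, pending[:] = list(pending), []
        return frames


def demo():
    """Two plugins share one capture: an ICMP ping probe and a TCP SYN probe."""
    share = BpfShare()
    ping = share.subscribe(match(proto=IPPROTO_ICMP, icmp_type=0, src="192.168.1.5"))
    syn = share.subscribe(match(proto=IPPROTO_TCP, sport=80, dport=40000, tcp_flags=0x12))
    frames = [  # constructed replies, as the scanner would see them on the wire
        build_frame("192.168.1.5", "192.168.1.1", IPPROTO_ICMP,
                    struct.pack("!BBHHH", 0, 0, 0, 0x1234, 1)),                 # echo reply
        build_frame("192.168.1.5", "192.168.1.1", IPPROTO_TCP,
                    struct.pack("!HHIIBBHHH", 80, 40000, 1, 1, 5 << 4, 0x12, 8192, 0, 0)),  # SYN/ACK
        build_frame("192.168.1.7", "192.168.1.1", IPPROTO_UDP,
                    struct.pack("!HHHH", 53, 40001, 8, 0)),                     # nobody wants it
    ]
    delivered = [share.dispatch(f) for f in frames]
    return {"ping": len(share.read(ping)), "syn": len(share.read(syn)), "delivered": delivered}
```

The point of the design is visible in dispatch(): the frame is read and parsed
once by the owner of the handle, and only the subscribers whose predicate
matches get a copy, so any number of concurrently running probes can share one
descriptor.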


Another piece of good news is the use of non-blocking SSL sockets. To handle
timeouts on top of SSL connections, nessusd was using an alarm signal handler.
It turns out that a mere call to alarm() is utterly slow under MacOS X, and
using an interruption to handle a timeout is ugly code anyway, so Michel
rewrote the timeout parts of our networking library to use non-blocking
SSL sockets. This cleans up the code, and it should be very good news
to MacOS X users, who will find that it really increases the performance
of Nessus under their operating system.
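As an added illustration of the approach (written for this page, not Nessus
code), the read below enforces a timeout with a non-blocking socket and
select() instead of an alarm() handler. It works for a plain socket and for an
ssl.SSLSocket, whose recv() can report that it needs read or write readiness
before it can return data. The demo uses a socketpair so it runs offline; no
TLS handshake is performed, and the SSL branches only come into play when an
SSLSocket is passed in. Both are assumptions of the example.

```python
"""Added example (not Nessus source): a socket read with a deadline,
implemented with a non-blocking socket and select() rather than alarm().

Assumptions (not from the original post): the demo runs over a socketpair
with no TLS handshake; the SSL exception branches are exercised only when an
ssl.SSLSocket is passed in."""
import select
import socket
import ssl
import threading
import time


class ProbeTimeout(Exception):
    pass


def recv_with_deadline(sock: socket.socket, nbytes: int, timeout: float) -> bytes:
    """Read up to nbytes, or raise ProbeTimeout once `timeout` seconds elapse.

    The alarm() approach interrupts a blocking read with SIGALRM; here the
    socket never blocks, select() waits at most for the remaining budget, and
    the deadline is re-checked on every pass so wakeups cannot extend it.
    """
    sock.setblocking(False)
    deadline = time.monotonic() + timeout
    want_read, want_write = True, False
    while True:
        remaining = deadline - time.monotonic()
        if remaining <= 0:
            raise ProbeTimeout("no data within %.2fs" % timeout)
        r, w, _ = select.select([sock] if want_read else [],
                                [sock] if want_write else [], [], remaining)
        if not r and not w:
            continue                    # select() expired; the loop head raises
        try:
            return sock.recv(nbytes)
        except ssl.SSLWantReadError:    # TLS needs more ciphertext first
            want_read, want_write = True, False
        except ssl.SSLWantWriteError:   # TLS must flush (e.g. renegotiation)
            want_read, want_write = False, True
        except BlockingIOError:         # plain socket: woke up with nothing to read
            want_read, want_write = True, False


def demo_data(delay: float = 0.05) -> bytes:
    """Peer answers after a short delay; the read returns the banner."""
    client, server = socket.socketpair()

    def talk():
        time.sleep(delay)
        server.sendall(b"220 banner\r\n")   # constructed reply

    t = threading.Thread(target=talk)
    t.start()
    try:
        return recv_with_deadline(client, 1024, timeout=2.0)
    finally:
        t.join()
        client.close()
        server.close()


def demo_timeout(timeout: float = 0.2):
    """Peer stays silent; returns (elapsed seconds, whether ProbeTimeout fired)."""
    client, server = socket.socketpair()
    start = time.monotonic()
    try:
        recv_with_deadline(client, 1024, timeout)
        return time.monotonic() - start, False
    except ProbeTimeout:
        return time.monotonic() - start, True
    finally:
        client.close()
        server.close()
```

The want_read/want_write bookkeeping is what makes this correct for TLS: a
single application-level recv() may have to do a write first, and waiting for
the wrong readiness would stall until the deadline even though the peer is
alive.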


Nessus 2.0.9 is available at :

http://www.nessus.org/download.html


2. NeWT 1.0 has been released
-----------------------------------------------------------------------------


I'm also glad to announce the availability of NeWT 1.0. NeWT is a fully native
port of the Nessus engine to the Win32 platform. This is a commercial product
sold by Tenable, the company I co-founded with Ron Gula. NeWT comes with
professional support. So if you are tired of configuring Linux just for using
Nessus, give it a try - a 30-day demo is available at:

http://www.tenablesecurity.com/newt.html



3. Scanning your Windows domain with Nessus
-----------------------------------------------------------------------------

Sunil Vakharia wrote an excellent white paper explaining why you should
give NT credentials to Nessus when scanning your Windows domain, and how
to do so. It's a must-read for everyone dealing with scanning Windows
networks, and it's available at :

http://www.nessus.org/doc/nessus_windows_domain.pdf


4. Nessus.org forums
------------------------------------------------------------------------------