Mailing List Archive

Nessus Virtual Appliance
Hi,
Tenable Network Security has released a virtual appliance for the
Nessus 3 vulnerability scanner. The VMware appliance is available to
ProfessionalFeed and Security Center customers.

The appliance image allows for rapid deployments and effortless
management of Nessus 3 scanners in virtual environments. Users do not
need to concern themselves with managing an operating system and can
focus on managing their scanner configurations, operation and
performance.

More information can be obtained at http://blog.tenablesecurity.com/2008/09/nessus-virtual.html

ProfessionalFeed and Security Center customers can download the
appliance on the customer support portal, at:

http://plugins-customers.nessus.org/ in Downloads -> Download Tenable
Products -> Nessus Vulnerability Scanner



All feedback is welcome, either through the support portal or to me
directly.



Thanks,

-- Renaud
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
Re: Nessus Virtual Appliance
Darnit, didn't you guys say just a couple of years ago that Nessus was
NEVER to be run on VMware virtual machines, because it's so horribly
slow when you do that? What changed? Was it VMware that suddenly got
10 times more efficient, or was it Nessus?

Or are you banking on the much faster hardware that exists today to do
the trick?

Or does it run dedicated on that nifty VMware/OS?

On Sep 25, 2008, at 12:58 PM, Renaud Deraison wrote:

>
> Hi,
> Tenable Network Security has released a virtual appliance for the
> Nessus 3 vulnerability scanner. The VMware appliance is available to
> ProfessionalFeed and Security Center customers.
>
> The appliance image allows for rapid deployments and effortless
> management of Nessus 3 scanners in virtual environments. Users do not
> need to concern themselves with managing an operating system and can
> focus on managing their scanner configurations, operation and
> performance.
>
> More information can be obtained at http://blog.tenablesecurity.com/2008/09/nessus-virtual.html
>
> ProfessionalFeed and Security Center customers can download the
> appliance on the customer support portal, at:
>
> http://plugins-customers.nessus.org/ in Downloads -> Download Tenable
> Products -> Nessus Vulnerability Scanner
>
>
>
> All feedback is welcome, either through the support portal or to me
> directly.
>
>
>
> Thanks,
>
> -- Renaud

Re: Nessus Virtual Appliance
Hi James,

On Sep 25, 2008, at 7:07 PM, James Birk wrote:

> Darnit, didn't you guys say just a couple of years ago that Nessus was
> NEVER to be run on VMware virtual machines, because it's so horribly
> slow when you do that? What changed?


Nessus 3.2 has been optimized to reduce several operations which were
slow on VMware. System calls and memory copies have been greatly
reduced, and therefore it performs much better than Nessus 3.0 did
(and obviously 2.x). This is why you do not get the VMware warning any
more when you start Nessus 3.2 in a virtualized environment.

Also, VMware deployments are much more mature now than what they used
to be several years ago, and are generally done on much beefier
hardware. A lot of production services are running on top of ESX
today, and we believe that Nessus can safely be added there.

Of course, if you have the choice between running Nessus natively on
beefy hardware, or virtualized on top of this same hardware, you will
get better performance natively. However, the difference between
native and virtualized won't be as glaring with 3.2 as what it used to
be.

-- Renaud



Re: Nessus Virtual Appliance
Before I switch from my installation to the VMware image (thanks
for it!), I've a question about external tools.

- How can I use additional, self-written NASL scripts?
- Is nikto installed inside the VMware image?

Thanks for hints

Micha

Re: Nessus Virtual Appliance
Micha Borrmann wrote:
> Before I switch from my installation to the VMware image (thanks
> for it!), I've a question about external tools.
>
> - How can I use additional, self-written NASL scripts?
> - Is nikto installed inside the VMware image?
>

Hi Micha,

The web interface to manage the appliance does not have the ability to
upload custom NASL scripts.

Nikto is not installed on the appliance.

Ron Gula
Tenable Network Security


Re: Nessus Virtual Appliance
On Fri, 26 Sep 2008 13:47:23 +0200
Micha Borrmann <micha.borrmann@syss.de> wrote:

> - Is nikto installed inside the VMware image?

Calling external programs from Nessus is a simple way to extend it (*), but
it creates many problems if these programs do not behave as expected.

1. It can be slow
If Nikto takes a long time to perform its task, your Nessus scan will
be stuck. script_timeout may not be an option if killing the external
program is undesirable (e.g. if it manages a database which would
become inconsistent).

2. It can be dangerous
Worse, I nearly froze a machine when the Medusa FTP module started
looping (a multithreaded program eating all CPU is really dangerous).
Now you know why the Medusa wrappers will never be in the official feed.

3. It is not efficient
We already wrote many times here why calling Nmap from Nessus is
resource greedy, as the architectures of the tools are different and do
not fit together.
http://www.nessus.org/documentation/index.php?doc=nmap-usage

(*) Concerning Nikto, I'd like to know if you found some flaws that are
reported by Nikto and not by some Nessus script.
I wrote the Nikto wrapper a long time ago; it now appears redundant with
the Nessus "CGI abuses", "CGI abuses: XSS" and "Web servers" families.
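
Points 1 and 2 of the message above, as an added example that is not part of the original post and is not Nessus or NASL code: a Python wrapper that runs an external tool under a wall-clock timeout, sends SIGTERM before SIGKILL so the tool can shut down cleanly, and caps CPU time so a looping tool cannot freeze the host. The function and parameter names are hypothetical, the spinner command is a constructed stand-in, and a POSIX host is assumed.

```python
import os
import resource
import signal
import subprocess
import sys

def _signal_group(pgid, sig):
    try:
        os.killpg(pgid, sig)
    except ProcessLookupError:
        pass  # the whole group has already exited

def run_external_tool(argv, wall_timeout=30.0, grace=5.0, cpu_seconds=60, niceness=10):
    """Run an external tool under a wall-clock timeout, a CPU cap and low priority.

    Returns (status, returncode, stdout); status is one of 'ok', 'failed',
    'cpu_limit', 'terminated' (exited after SIGTERM) or 'killed' (needed SIGKILL).
    """
    def limit_child():  # runs in the child just before exec
        os.nice(niceness)
        resource.setrlimit(resource.RLIMIT_CPU, (cpu_seconds, cpu_seconds + 1))

    proc = subprocess.Popen(
        argv, stdin=subprocess.DEVNULL, stdout=subprocess.PIPE,
        stderr=subprocess.DEVNULL,
        start_new_session=True,  # own process group: its children are signalled too
        preexec_fn=limit_child)
    try:
        out, _ = proc.communicate(timeout=wall_timeout)
    except subprocess.TimeoutExpired:
        # Point 1: give the tool a chance to shut down cleanly before killing it.
        _signal_group(proc.pid, signal.SIGTERM)
        try:
            out, _ = proc.communicate(timeout=grace)
            return "terminated", proc.returncode, out
        except subprocess.TimeoutExpired:
            _signal_group(proc.pid, signal.SIGKILL)
            out, _ = proc.communicate()
            return "killed", proc.returncode, out
    if proc.returncode == -signal.SIGXCPU:
        return "cpu_limit", proc.returncode, out  # point 2: runaway CPU loop stopped
    return ("ok" if proc.returncode == 0 else "failed"), proc.returncode, out

if __name__ == "__main__":
    # Constructed stand-in for an external tool that starts looping.
    spinner = [sys.executable, "-c", "while True: pass"]
    print(run_external_tool(spinner, wall_timeout=20, cpu_seconds=1))
```

The grace period only helps tools that handle SIGTERM; one that ignores it still ends with SIGKILL, which is the inconsistent-state risk the post describes.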