A New Tool For Security Scans

To fend off network attackers you need tools that identify vulnerable systems across multiple OSs and provide guidelines for remediation before holes can be exploited. Vulnerability scanners help, but many are vendor-specific and expensive. There's a better way: Nessus, a free, frequently updated open-source utility.

A Nessus vulnerability assessment has three phases. During the first phase, scanning discovery, Nessus queries a range of network IP addresses to determine active hosts. For example, vulnerability-assessment software can send ICMP (Internet Control Message Protocol) echo requests to find active hosts; however, devices that don't respond aren't necessarily dead--they may be behind a firewall or have a host firewall that doesn't respond to ICMP.

Port scanning can determine which hosts are alive and which ports are open. The results are used to create sets of host targets for the second phase, analysis. During this phase, vulnerability software queries network services on each host to obtain banners containing software and OS version information. The final phase of vulnerability detection involves probing remote services to test them against a list of known vulnerabilities, such as buffer overflows and system-configuration errors.
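The analysis step described above, sketched as an added example that is not Nessus code: it parses collected service banners and matches the disclosed versions against a check list to produce candidates for the final probing phase. The hosts, product names, banners and advisory ids are all constructed for illustration.

```python
import re

# Constructed banners, standing in for what the analysis phase collects.
BANNERS = {
    ("192.0.2.10", 22): "SSH-2.0-ExampleSSH_3.4 Debian",
    ("192.0.2.10", 80): "Server: ExampleHTTPd/2.0.45 (Unix)",
    ("192.0.2.11", 21): "220 ExampleFTP 1.2.9 ready",
    ("192.0.2.12", 25): "220 mail ESMTP",  # service discloses no version
}

# Constructed check list: (product, first fixed version, placeholder advisory id).
CHECKS = [
    ("ExampleSSH", (3, 5), "ADVISORY-PLACEHOLDER-1"),
    ("ExampleHTTPd", (2, 0, 40), "ADVISORY-PLACEHOLDER-2"),
    ("ExampleFTP", (1, 3, 0), "ADVISORY-PLACEHOLDER-3"),
]

# A product name, a separator, then a dotted version number.
BANNER_RE = re.compile(r"([A-Za-z]{2,})[/_ ]v?(\d+(?:\.\d+)+)")

def parse_banner(banner):
    """Return (product, version tuple), or None if no version is disclosed."""
    m = BANNER_RE.search(banner)
    if m is None:
        return None
    return m.group(1), tuple(int(part) for part in m.group(2).split("."))

def is_older(version, fixed):
    """Compare versions after zero-padding, so 2.0 equals 2.0.0."""
    width = max(len(version), len(fixed))
    pad = lambda v: v + (0,) * (width - len(v))
    return pad(version) < pad(fixed)

def assess(banners, checks):
    """Classify each service as candidate, no-match or unknown."""
    findings = []
    for (host, port), banner in sorted(banners.items()):
        parsed = parse_banner(banner)
        if parsed is None:
            # No version seen is not the same as not vulnerable.
            findings.append((host, port, "unknown", None))
            continue
        product, version = parsed
        hit = next((adv for name, fixed, adv in checks
                    if name == product and is_older(version, fixed)), None)
        findings.append((host, port, "candidate" if hit else "no-match", hit))
    return findings

if __name__ == "__main__":
    for finding in assess(BANNERS, CHECKS):
        print(finding)
```

A banner match is only an inference, since banners can be edited or can lag behind backported fixes, which is why the candidates still go through the probing phase.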

Nessus uses client-server technology, which lets a console server perform the scanning and testing while results are monitored and reviewed on distributed clients. The server-side component, nessusd, provides a central repository in which all vulnerability security checks (plug-ins) are registered and accessed across the network by client components. The server component is Unix-based--using a Linux server makes installation simple. Nessus clients are available for both Windows and Unix running X Windows. The Nessus server and client will each run in console mode on Mac OS X.

