Introduction

Nessus is the most widely used system vulnerability scanning and analysis software in the world. More than 75000 institutions have used Nessus as software to scan their computer systems。

Software features

*Provide a complete computer vulnerability scanning service and update its vulnerability database at any time.

*Unlike traditional vulnerability scanning software, Nessus can be remotely controlled on both the local and remote machines to perform system vulnerability analysis and scanning.

*Its operational efficiency can adjust itself with the resources of the system. If the host is added to more resources (such as accelerating CPU speed or increasing memory size), its efficiency performance can be improved due to abundant resources.

*Customizable plugins

*NASL (Nessus Attack Scripting Language) is a language developed by Tenable to write security testing options for Nessus.

*Fully supports SSL (Secure Socket Layer).

*It has been more than 20 years since its development in 1998, making it a mature software architecture.

Adopting a client/server architecture, the client provides a graphical interface running in the X window, accepts user commands to communicate with the server, transmits user scanning requests to the server, and the server initiates scanning and presents the scanning results to the user; The scanning code and vulnerability data are independent of each other. Nessus has a corresponding plugin for each vulnerability. The vulnerability plugin is a small piece of code written in NASL (NESSUS Attack Scripting Language) that simulates the attack vulnerability. This scanning technology that utilizes vulnerability plugins greatly facilitates the maintenance and update of vulnerability data; Nessus has the ability to scan any port or service; Generate detailed output reports in user specified formats (ASCII text, HTML, etc.), including target vulnerabilities, how to fix vulnerabilities to prevent hacker intrusion, and risk levels.