Does anyone uses Nessus these days ?

random_k · 07-26-2006, 06:07 AM

Does anyone uses nessus (vuln scanner) theses days ?

I mean the project went closed source and the deal is that to use it you have to run a daemon as root in the backround..

Do you trust those guys that create nessus ?
It's the best vuln scanner after all out there, I wish it didn't go closed source..

konsolebox · 07-26-2006, 11:01 PM

hmmm.. just a question. but where do you use nessus? i tried nessus but i'm not happy with it. i'll like more an nmap or amap style nessus if there's one.

AAnarchYY · 07-26-2006, 11:02 PM

i use it, but only on very rare occasions. Maybe becuse the background daemon takes too long to load.

random_k · 07-27-2006, 04:13 AM

Quote:

Originally Posted by konsolebox

hmmm.. just a question. but where do you use nessus? i tried nessus but i'm not happy with it. i'll like more an nmap or amap style nessus if there's one.

Well nmap can't do vulnerability scanning but it can be combined with nessus so that you can have a good check on you network..
Actually Nessus is the only active vulnerability scanner from what I know..

@AAnarchYY , when you tried it , did you find it useful ?

konsolebox · 07-27-2006, 04:17 AM

yeah i know that but i just thought that it would have also been great if there was a non-daemon version of nessus.

Edit: no more certifications or whatsoever

live_dont_exist · 07-27-2006, 12:55 PM

random_k ... thats the thing with open source I guess...Now I'm not smart enough to decompile Nessus and the daemon and see how things work...but if such a large Linux/Unix community is using it and find no issues with it(security wise) I'd say ur safer than when ur running Evil Bill....

About how good Nessus is...yeah its good...Nmap is an amazing tool for varied kinds of port scans but it doesn't do vulenrability scanning...with Nessus u get a load of dangerous/non dangerous plugins which you can enable/disable when you're testing...plus it gives you great reports in a very readable format...go ahead use it against ur network if ur trying out how secure the doors are...but if ur using it to hack away at some one...you'll find out ...

...

We use Nessus regularly in our pen testing activities...use it as a testing tool .. its great...

fedora4002 · 07-27-2006, 03:28 PM

I am using it. It is pretty good.

konsolebox · 07-27-2006, 05:24 PM

hey don't get me wrong guys

it was just a suggestion and i can use nessus anytime i like. it's not that difficult. but not for now because i've got nothing to scan yet.

live_dont_exist · 07-28-2006, 02:37 PM

lol@fedora4002 .. so true ...