Hi there :)

the following 2 articles are refering to a security test tool which is used with UNIX/Linux to check for possible network vulnerbilities. It's a mighty program and offers lot of details of a network and its structure. This articles will here be continued when released and if you wanna read them.

Greetz
B. Udo

Here article 2

Heya

I've posted the first 2 articles of that series last year. Here the 3rd article

Greetz
B. Udo



Please see also:
Nessus Part 1 - Introduction to Nessus -

Nessus Part 2 - Nessus how to scan -

Nessus 3.0.1 has been released
8th January, 2006:

Nessus 3.0.1 (build 114) is now available on our web sites.
Here is the list of changes in this release :

- Improvements :
- Lighter resources consumption of the master processes, which in turn improve scalability (one has to account for ~ 6 megabytes of RAM per host tested in parallel)
- Reduce the CPU usage of nessusd when the only running plugin is executing a local command
- Improved the timing of synscan.nes which could result in very long (nearly infinite in time) port scans
- Slightly faster (~ 20%) initial processing of the plugins

- Bug fixes :
- When nessusd updates itself, the process now restarts properly
- Fixed the error message "Warning this scanner seems to be using the plugin feed of another host" which would
sometimes be displayed when the nessusd host changes of IP addresses
- Fixed a NULL pointer dereferencement which may happen in some cases when dealing with shared sockets

- Other:
- Removed bogus warning messages occuring when max_checks is set to a very high value (which is not a good idea in the first place -- max_checks should be set to 4 most of the time)
- KB files of hosts which are dead are not saved on disk (as they are empty)
- Re-introduced HTML export, due to popular demand
- The RPMs have stronger dependencies set
- The SuSE 9.3 build is now linked to the default libdb 4.3

http://www.nessus.org/

Nessus 3.0.2 released::::7th March, 2006:

Here is the list of changes since 3.0.1 :

nessusd :


Fixed a problem causing the scan to hang if max_checks was set to a value which is way too high

Plugged a small memory leak occuring when re-using the same connection to perform an additional scan

Plugged a small memory leak in the plugins scheduler

Fixed bug#1426 (crash on startup when processing a malformed nessusd.conf file)

Improved the 'default' list of ports to scans with a new file 'nessus-services'


nessus :


'nessus -V' (verbose) works again


nasl :


A new function, inject_packet(), can write directly to layer 2

The function 'end_denial()' would not work when used in command-line mode

Fixed a potential bus error occuring on memory exhaustion

Fixed an integer overflow causing a segfault when processing some kind of malformed script


libnessus :


Fixed a bug in the SSL transport layer which may cause find_services.nes to hang longer than expected on SSL_read()

Fixed the function in charge of getting the list of network interfaces which would get a wrong netmask when dealing with an interface alias


plugins :


Fixed several bugs in find_services.c which would not properly set the key Transport/SSL or which may read some data beyond its buffer

Fixed a bad #if/#endif clause in nessus_tcp_scanner.c which prevented it from recomputing the RTT, hence negatively impacting the performance

nmap.nasl has been removed from the main distribution (to use nmap from within Nessus, read this page)

http://www.nessus.org/download/

Grand Dad

Hi

can anyone help me understand Nessus 2.2.9? I've a problem generating attack events on Nessus 2.2.9 Server on Linux ES 3.

Events of the form ::
user nessuser : launching smb_scope.nasl against TARGET_HOST [<ProcessId>]

Can these events be generated in Nessus 3.0.4 by the same process?

Thanks in Advance