Nessus 3.2 Now Available!

Tenable Network Security is proud to announce the availability of Nessus 3.2.0, as well as NessusClient 3.2.0. Nessus 3.2.0 is a major release, containing several changes from Nessus 3.0.x :

New Features

  • Support for IPv6 targets (for the Linux, FreeBSD, Solaris and Mac OS X flavors)
  • Support for limiting the number of active TCP sessions in parallel  (per host, per scan, per scanner)
  • A new nessuscmd tool that lets one run quick scans from the command-line
  • A new nessus-update tool that lets one update the Nessus engine from the command-line (on select platforms)
  • The Nessus daemon can now detect hosts which are being turned off during the scan and stop scanning them
  • The Nessus daemon can now detect when the network is congested and change the TCP settings appropriately
  • Nessus user account access control rules are now more granular and can be used to prevent the scanner from connecting to certain ports or to use certain plugins
  • The nessus command-line tool can read and write to and from a .nessus file
  • Improved WMI support (see http://cgi.tenablesecurity.com/tenable/WMI.html)

Improvements

  • New nasl functions can dynamically alter the plugin selection
  • Improved memory management by NASL scripts
  • Support for more SSH ciphers (AES-128/AES-192/AES-256/3DES)
  • Improved service detection -- a new service detection plugin (find_service.nasl) replaces the old find_service.nes
  • On Unix systems, the initial plugin processing now takes advantage of multi-core CPUs
  • nessusd.rules now let you tune which plugins are forbidden for a scan, and which ports can or can't be connected to

Improvements to the Nessus TCP Scanner

  • Simplified preferences -- a new cursor option (firewall detection) lets the user better tune the scanner when running against a firewall or a slow link
  • Improved RTT estimation and congestion detection by regularly probing unfiltered ports

Windows Specific changes

  • NessusGUI.exe has been removed in favor of NessusClient.exe which is now bundled with the installer
  • It is now possible to authenticate the clients via SSL certificates
  • KB saving and other options common to the UNIX version of Nessus are supported on the Windows platform
  • Installer now lets the user decide which components to install (server, client or both)
  • When the scanner is registered with either a Direct or Registered feed, it will automatically fetch and process the new updates from nessus.org every 24 hours

Mac OS X Specific changes

  • Nessus Client 3.2 includes a fixed a memory leak that occurred in the 3.0 version
  • Nessus 3.2.0 now is a real universal binary

Linux platforms

Nessus 3.2 is now  available for the following Linux platforms :

  • Debian 4 (i386 and amd64)
  • Fedora 7 (i386)
  • Fedora 8 (i386)
  • Red Hat Enterprise Linux 3, 4 and 5 (i386)
  • Red Hat Enterprise Linux 5 (x86_64)
  • SuSE Linux 9.3 and 10.0 (i386)

NessusClient 3.2.0 specific changes

  • A new 'network' tab when editing a policy, lets the user control some Nessus 3.2 specific options  such as maximum TCP sessions.
  • Fixed several bugs which might cause the client to crash in the middle of a scan.
  • Opening a large .nessus file in the client now takes less time.

For more Information

Nessus 3.2.0 can be obtained at http://www.nessus.org/

Feedback and bug reports can be sent to http://bugs.nessus.org/

Demo videos of Nessus 3.2, including an 12 minute introduction video for new users, are available online.

Nessus documentation is available here:  http://www.tenablesecurity.com/documentation/