Nessus 3.2 Now Available!

‹ Previous Post
Testing Windows Vista systems for FDCC compliance with Nessus
Blog Home
Next Post ›
Reverse NAT Detection With Nessus

Tenable Network Security is proud to announce the availability of Nessus 3.2.0, as well as NessusClient 3.2.0. Nessus 3.2.0 is a major release, containing several changes from Nessus 3.0.x :

New Features

  • Support for IPv6 targets (for the Linux, FreeBSD, Solaris and Mac OS X flavors)
  • Support for limiting the number of active TCP sessions in parallel  (per host, per scan, per scanner)
  • A new nessuscmd tool that lets one run quick scans from the command-line
  • A new nessus-update tool that lets one update the Nessus engine from the command-line (on select platforms)
  • The Nessus daemon can now detect hosts which are being turned off during the scan and stop scanning them
  • The Nessus daemon can now detect when the network is congested and change the TCP settings appropriately
  • Nessus user account access control rules are now more granular and can be used to prevent the scanner from connecting to certain ports or to use certain plugins
  • The nessus command-line tool can read and write to and from a .nessus file
  • Improved WMI support (see


  • New nasl functions can dynamically alter the plugin selection
  • Improved memory management by NASL scripts
  • Support for more SSH ciphers (AES-128/AES-192/AES-256/3DES)
  • Improved service detection -- a new service detection plugin (find_service.nasl) replaces the old find_service.nes
  • On Unix systems, the initial plugin processing now takes advantage of multi-core CPUs
  • nessusd.rules now let you tune which plugins are forbidden for a scan, and which ports can or can't be connected to

Improvements to the Nessus TCP Scanner

  • Simplified preferences -- a new cursor option (firewall detection) lets the user better tune the scanner when running against a firewall or a slow link
  • Improved RTT estimation and congestion detection by regularly probing unfiltered ports

Windows Specific changes

  • NessusGUI.exe has been removed in favor of NessusClient.exe which is now bundled with the installer
  • It is now possible to authenticate the clients via SSL certificates
  • KB saving and other options common to the UNIX version of Nessus are supported on the Windows platform
  • Installer now lets the user decide which components to install (server, client or both)
  • When the scanner is registered with either a Direct or Registered feed, it will automatically fetch and process the new updates from every 24 hours

Mac OS X Specific changes

  • Nessus Client 3.2 includes a fixed a memory leak that occurred in the 3.0 version
  • Nessus 3.2.0 now is a real universal binary

Linux platforms

Nessus 3.2 is now  available for the following Linux platforms :

  • Debian 4 (i386 and amd64)
  • Fedora 7 (i386)
  • Fedora 8 (i386)
  • Red Hat Enterprise Linux 3, 4 and 5 (i386)
  • Red Hat Enterprise Linux 5 (x86_64)
  • SuSE Linux 9.3 and 10.0 (i386)

NessusClient 3.2.0 specific changes

  • A new 'network' tab when editing a policy, lets the user control some Nessus 3.2 specific options  such as maximum TCP sessions.
  • Fixed several bugs which might cause the client to crash in the middle of a scan.
  • Opening a large .nessus file in the client now takes less time.

For more Information

Nessus 3.2.0 can be obtained at

Feedback and bug reports can be sent to

Demo videos of Nessus 3.2, including an 12 minute introduction video for new users, are available online.

Nessus documentation is available here:

Filed Under: ,