Nessus 3.0.5 Available
This point release provides fixes for multiple minor issues with Nessus 3.0.4. The fixes include:
- Faster startup time, especially on laptops
- Improved the performance of the SYN port scanner
- Fixed a memory leak in the Mac OS X client
- Vista compatibility improved
- Various minor bugs fixed in the NASL engine
- Better chasing of zombie processes
Platform specific changes include:
- Windows : Improved Vista compatibility
- Mac OS X : fixed a memory leak in the client
- Mac OS X : fixed the way plugin preferences are processed (some prefs would not be displayed)
- Red Hat/Fedora : The priority of the nessusd startup script is now at 98 instead of 90, so that it starts later in the boot process
- On Debian, the dependencies of the Nessus package have been fixed to reflect the need of libssl0.9.7
Other changes of interest :
- nessusd.conf now accepts the option "listen_address" which can be used to bind the nessusd daemon to a specific port (just like 'nessusd -a' does). Adding 'listen_address 127.0.0.1" in nessusd.conf will force nessusd to only listen on the loopback interface (thanks to Martin Mačok for suggesting this)
- If you write your own plugins you'll notice that the changes you make are not reflected in the scan itself until the next plugin update. To speed up the startup time of nessusd, we now compare the timestamp of the plugins db with the time of the last update. This avoids inspecting thousands of files at startup. To force nessusd to inspect the timestamp of every plugin at startup, simply start it with the '-t' switch (as in 'nessusd -t -D').
Other minor fixes :
- nessus-update-plugins now displays a proper error message when plugins.nessus.org is unreachable
- 'nessus -i report.nbe -o report.html' would sometime crash when converting a malformed .nbe file to another format
- In NASL, shared_socket_acquire() now returns 0 on error, not -1
Nessus users should upgrade to Nessus 3.0.5 and obtain it directly from http://www.nessus.org. Tenable recommends that all Nessus 3 users perform the upgrade.
Related articles
Cybersecurity Snapshot: Beware of Mobile Spyware Attacks, Cyber Agencies Warn, While Corporate Boards Get Cyber Governance Guidance
Check out why a global geopolitical spyware campaign could ensnare mobile users outside of its target groups. Plus, the U.K.’s cyber agency offers cyber governance resources to boards of directors. Also, find out what webinar attendees told Tenable about using port scanning and service discovery to ...
New CISA Hardening Guidance Provides Valuable Insights for Network Security Engineers
Recent guidance from CISA and the FBI highlights best practices to monitor and harden network infrastructure. The guidance, published in response to high-profile attacks on telecom infrastructure, is applicable to a wider audience. This blog unpacks important points and explains how Tenable products...
Study: Tenable Offers Fastest, Broadest Coverage of CISA's KEV Catalog
Tenable ranked first in multiple vulnerability management categories, including the most comprehensive coverage and quickest detection of CISA's Known Exploited Vulnerabilities, according to a Miercom report commissioned by Tenable....
- Nessus