Nessus 3.2 beta - Automated Nessus Program Updates
If you are a Nessus user, you are no doubt familiar with the process to subscribe your Nessus scanner to the Direct Feed or Registered Feed to automatically receive new vulnerability plugins produced by Tenable's research group.
With Nessus 3.2 (currently in beta and available for download as Nessus 3.1.5) a similar process is available to upgrade the Nessus scanner itself. This blog entry will show how users who have installed one of the Nessus 3.1.x beta releases of Nessus 3.2 can automatically upgrade.
Automatic Upgrades
To update the release of Nessus, the scanner must be subscribed to either the Direct to Registered plugin feeds. If your Nessus scanner is automatically receiving plugins then you will be able to upgrade when new releases are available.
The update process is run from the command line with the new command 'nessus-update' which is located in the ~/sbin installation directory. While in the ~/sbin directory, you can check your version of Nessus by invoking the Nessus daemon with the -v command:
[root@cosmic sbin]# ./nessusd -v
nessusd (Nessus) 3.1.3. [build A567] for Linux
(C) 1998 - 2007 Tenable Network Security, Inc.
To check for a new build of Nessus, and to install it, simply run the 'nessus-update' command:
[root@cosmic sbin]# ./nessus-update
Nessus 3.1.5 is available. Do you want to upgrade to this version ? [y]
The program checks to make sure that Nessus is subscribed to either a Direct or Registered feed and that a new build is indeed available. If both of these conditions are met, the package will be downloaded and installed.
The update download is signed and the signature of the update is checked against the nessus.org public key that is in place.
If your Nessus scanner is set to also update its plugins, a plugin update will be invoked right after an upgrade is completed.
Current Nessus 3.2 Beta Status
The latest release of the Nessus 3.2 beta is version 3.1.5 and is available for download from the Nessus web site. Nessus 3.2 beta downloads are available for Linux, FreeBSD and Solaris. Windows and OS X versions are currently in development. The Nessus 3.2 beta supports IPv6 scanning, a library to write custom WMI queries and also a command line program to initiate a complete vulnerability scan.
If you have also started to use the NessusClient 3.0 to manage your scans, if you connect to a Nessus 3.2 beta scanner, you will notice two new things. First, the login process is much faster. And second, during a scan, you now have an option to pause an on-going scan, as shown below:
|
Related articles
Cybersecurity Snapshot: Beware of Mobile Spyware Attacks, Cyber Agencies Warn, While Corporate Boards Get Cyber Governance Guidance
Check out why a global geopolitical spyware campaign could ensnare mobile users outside of its target groups. Plus, the U.K.’s cyber agency offers cyber governance resources to boards of directors. Also, find out what webinar attendees told Tenable about using port scanning and service discovery to ...
New CISA Hardening Guidance Provides Valuable Insights for Network Security Engineers
Recent guidance from CISA and the FBI highlights best practices to monitor and harden network infrastructure. The guidance, published in response to high-profile attacks on telecom infrastructure, is applicable to a wider audience. This blog unpacks important points and explains how Tenable products...
Study: Tenable Offers Fastest, Broadest Coverage of CISA's KEV Catalog
Tenable ranked first in multiple vulnerability management categories, including the most comprehensive coverage and quickest detection of CISA's Known Exploited Vulnerabilities, according to a Miercom report commissioned by Tenable....
- Nessus