
List:       nessus-announce
Subject:    Various Nessus-related news
From:       Renaud Deraison <deraison () nessus ! org>
Date:       2003-11-05 23:03:38

Lots of news :

1. Nessus 2.0.9 released
2. NeWT 1.0 released
3. Scanning your Windows domain with Nessus
4. Forums on Nessus.org


1. Nessus 2.0.9 released
----------------------------------------------------------------------------

Nessus 2.0.9 has been released. This new release should mostly be useful
to BSD users, however some tests seem to show that it induces a lighter load
on Linux systems as well.


The main changes in this new release are :

. changes by Michel Arboi :

- Added functions in libnasl (join_multicast_group(), unixtime(), and
  more...)
- Fixed send_packet() possible fd leak
- SSL connections now use non-blocking sockets

. Changes by Pavel Kankovky : 

- Minimize the number of pixmaps that need to be created in the Nessus 
  client by re-using them

. changes by Renaud Deraison :

- The bpf sharing system now works fine on BSD systems, so Nessus
  now only requires one /dev/bpf to work correctly, no matter how many
  hosts are being tested
- Minor bug fixes
- A bug in tcp_ping() would make some probes have a source port set to 0


As I wrote, the main improvement is to have a real bpf sharing system. 
In a nutshell, on BSD systems (Free/Open/NetBSD and MacOSX) when you want
to read packets from the network directly (ie: to read the replies to the
packets forged), you have to use the Berkeley Packet Filter (/dev/bpf) which
is a fast and reliable interface to do so.

The problem is that each process which wants to read data from /dev/bpf has
to open its own. Since a typical BSD system ships with very few of them
(only four on MacOS X), Nessus would sometimes fail to read raw packets. One
of the biggest symptoms so far was to have Nessus proudly tell you that your
fully populated class C had no live host on it.

The solution which has been implemented is to add a bpf sharing module. 
Basically, plugins that need to read packets from the network will "subscribe"
to the module and send the filter they want the packets to match, and
in return the bpf sharing module will forward the matching packets to these
plugins. This creates little overhead compared to a traditional in-kernel bpf,
and the end result is that Nessus now only needs one /dev/bpf per network
interface in use.


Another piece of good news is the use of non-blocking SSL sockets. To handle 
timeouts on top of SSL connections, nessusd was using an alarm signal handler.
It turns out that a mere call to alarm() is utterly slow under MacOS X, and
the use of an interruption to handle a timeout is ugly code anyway, so Michel
rewrote the timeout parts of our networking library to now use non-blocking
SSL sockets. This cleans up the code, and this should be very good news
to MacOS X users who will find that this really increases the performance
of Nessus under their operating system.


Nessus 2.0.9 is available at :

		http://www.nessus.org/download.html


2. NeWT 1.0 has been released
-----------------------------------------------------------------------------


I'm also glad to announce the availability of NeWT 1.0. NeWT is a fully native
port of the Nessus engine to the Win32 platform. This is a commercial product 
sold by Tenable, the company I co-founded with Ron Gula. NeWT comes with 
professional support. So if you are tired of configuring Linux just for using 
Nessus, give it a try - a 30-day demo is available at :

	 http://www.tenablesecurity.com/newt.html



3. Scanning your Windows domain with Nessus
-----------------------------------------------------------------------------

Sunil Vakharia wrote an excellent white paper explaining why you should 
give NT credentials to Nessus when scanning your Windows domain, and how
to do so. It's a must-read for everyone dealing with scanning Windows 
networks, and it's available at : 

		http://www.nessus.org/doc/nessus_windows_domain.pdf


4. Nessus.org forums
------------------------------------------------------------------------------

I set up forums for every plugin on the Nessus.org site so that everyone
can now comment on the plugins. Your comments may include anything from false
positive reports to comments on how you fixed a given vulnerability.
See http://cgi.nessus.org/plugins/dump.php3?id=10676 for an example of a 
constructive question or http://cgi.nessus.org/plugins/dump.php3?id=11907
for an example of an improved description of a plugin. 
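
The bpf sharing module described in section 1, sketched as an added example (this is not code from Nessus or from the author of the message). The function names, the three-field filter and the two constructed sample packets are assumptions; only the matching step is shown, where one reader decides which subscribed plugins receive each packet.

```c
/* Added illustration of a user-space bpf sharing dispatcher; not Nessus source.
   Names, filter layout and sample packets are assumptions made for this example. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define MAX_SUBS 8
struct sub { int used; uint8_t proto; uint32_t src_ip; uint16_t src_port; }; /* 0 = wildcard */
static struct sub subs[MAX_SUBS];
/* Constructed IPv4 samples: TCP 192.0.2.10:80 -> 192.0.2.1, and ICMP from 192.0.2.20. */
const uint8_t SAMPLE_TCP[]  = {0x45,0,0,24, 0,0,0,0, 64,6,0,0, 192,0,2,10, 192,0,2,1, 0,80, 4,210};
const uint8_t SAMPLE_ICMP[] = {0x45,0,0,24, 0,0,0,0, 64,1,0,0, 192,0,2,20, 192,0,2,1, 0,0, 0,0};

/* A plugin "subscribes" with its filter; returns a handle, or -1 when the table is full. */
int bpf_share_subscribe(uint8_t proto, uint32_t src_ip, uint16_t src_port) {
    int i = 0;
    while (i < MAX_SUBS && subs[i].used) i++;          /* first free slot */
    if (i == MAX_SUBS) return -1;
    subs[i] = (struct sub){ 1, proto, src_ip, src_port };
    return i;
}

/* Test one raw IPv4 packet against a subscriber's filter, with bounds checks. */
static int matches(const struct sub *s, const uint8_t *p, size_t len) {
    if (!s->used || len < 20 || (p[0] >> 4) != 4) return 0;  /* free slot, short, not IPv4 */
    size_t ihl = (size_t)(p[0] & 0x0f) * 4;                  /* header length incl. options */
    if (ihl < 20 || len < ihl) return 0;
    uint32_t src = (uint32_t)p[12] << 24 | (uint32_t)p[13] << 16 | (uint32_t)p[14] << 8 | p[15];
    if (s->proto && s->proto != p[9]) return 0;
    if (s->src_ip && s->src_ip != src) return 0;
    if (s->src_port) {                                       /* ports exist for TCP/UDP only */
        if ((p[9] != 6 && p[9] != 17) || len < ihl + 2) return 0;
        if (s->src_port != (uint16_t)(p[ihl] << 8 | p[ihl + 1])) return 0;
    }
    return 1;
}

/* Called once per packet read from the single shared capture descriptor. Returns a
   bitmask of handles to forward to (a real module would then write to each plugin). */
unsigned bpf_share_dispatch(const uint8_t *pkt, size_t len) {
    unsigned mask = 0;
    for (int i = 0; i < MAX_SUBS; i++)
        if (matches(&subs[i], pkt, len)) mask |= 1u << i;
    return mask;
}

int main(void) {
    bpf_share_subscribe(6, 0xC000020AU, 80);   /* handle 0: TCP from 192.0.2.10:80 */
    bpf_share_subscribe(1, 0, 0);              /* handle 1: any ICMP */
    printf("tcp mask %#x\n", bpf_share_dispatch(SAMPLE_TCP, sizeof SAMPLE_TCP));
    return 0;
}
```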