Renaud Deraison discusses the release of Nessus 3 and changes done over the last 12 months, as well as network security in general in scip Monthly Security Summary (in German). The interview was conducted by Marc Ruef.   More Information

At Tenable, we have written several in-house tools which make it easier for us to analyze patches and produce vulnerability checks. One of these tools is an IDA Pro plugin called "mIDA".

mIDA is an IDA plugin which extracts RPC interfaces and recreates the associated IDL file. It supports inline, interpreted and fully interpreted server stubs.

If you are a security researcher and often toy with RPC vulnerabilities and tools like muddle or unmidl, you definitely want to have a look at this plugin.


mIDA 1.0.0 can be downloaded from here

(note that mIDA works with IDA Pro 4.9)   More Information

Nessus 3.0.1 (build 114) is now available on our web sites.

Here is the list of changes in this release :

- Improvements :

- Lighter resources consumption of the master processes, which in turn improve scalability (one has to account for ~ 6 megabytes of RAM per host tested in parallel)
- Reduce the CPU usage of nessusd when the only running plugin is executing a local command
- Improved the timing of synscan.nes which could result in very long (nearly infinite in time) port scans
- Slightly faster (~ 20%) initial processing of the plugins

- When nessusd updates itself, the process now restarts properly
- Fixed the error message "Warning this scanner seems to be using the plugin feed of another host" which would
sometimes be displayed when the nessusd host changes of IP addresses
- Fixed a NULL pointer dereferencement which may happen in some cases when dealing with shared sockets

- Removed bogus warning messages occuring when max_checks is set to a very high value (which is not a good idea in the first place -- max_checks should be set to 4 most of the time)
- KB files of hosts which are dead are not saved on disk (as they are empty)
- Re-introduced HTML export, due to popular demand
- The RPMs have stronger dependencies set
- The SuSE 9.3 build is now linked to the default libdb 4.3

A new version of NessusClient, a GTK GUI for Nessus, has been released.

Here are the changes in this version :

Various small fixes/typos


NessusClient is available as source code for the moment, binary packages will be released in a few weeks.

01/08/2005: NessusClient 1.0.0.RC3 has been released. RC3 fixes one segmentation fault introduced in RC2 and occuring in command-line mode only.   More Information

12th December, 2005: Nessus 3.0.0 released !

Nessus 3 is a complete rewrite of the Nessus engine, designed for speed and efficiency -- as a result, Nessus 3 is on average twice as fast as Nessus 2, (with spikes as high as five times faster) and less resource intensive.

The Nessus 3 major enhancements are the following :

• New NASL3 engine
  
• Improved plugin storage for faster startup time
  
• Improved networking functions
  
• New scanner architecture to be both efficient and robust
  
• The Nessus daemon fetches the plugins automatically when registered (this can be disabled in nessusd.conf)
  
• Improved error handling
  

Nessus 3 is available on the following platforms :

• Red Hat ES3 and ES4
  
• SuSE 9.3 and 10.0
  
• FreeBSD 5 and 6
  
• Fedora Core 4
  
• Debian 3.1
  

The following platforms will be supported in early 2006 :

• Mac OS X 10.3 and 10.4
  
• Microsoft Windows 2000/XP Pro/2003
  
• Solaris 9 and 10
  

We are also extending the service we offer to our direct feed customers to include full email support, with access to our customer portal which gives users the ability to reset their activation codes, track their support tickets, and have access to the Nessus Support Knowledge base.
   More Information