Nessus 3.2 Now Available!

March 12, 2008 – 1:53 PM

Tenable Network Security is proud to announce the availability of Nessus 3.2.0, as well as NessusClient 3.2.0. Nessus 3.2.0 is a major release, containing several changes from  Nessus 3.0.x :

New Features

• Support for IPv6 targets (for the Linux, FreeBSD, Solaris and Mac OS X flavors)
• Support for limiting the number of active TCP sessions in parallel  (per host, per scan, per scanner)
• A new nessuscmd tool that lets one run quick scans from the command-line
• A new nessus-update tool that lets one update the Nessus engine from the command-line (on select platforms)
• The Nessus daemon can now detect hosts which are being turned off during the scan and stop scanning them
• The Nessus daemon can now detect when the network is congested and change the TCP settings appropriately
• Nessus user account access control rules are now more granular and can be used to prevent the scanner from connecting to certain ports or to use certain plugins
• The nessus command-line tool can read and write to and from a .nessus file
• Improved WMI support (see http://cgi.tenablesecurity.com/tenable/WMI.html)

Improvements

• New nasl functions can dynamically alter the plugin selection
• Improved memory management by NASL scripts
• Support for more SSH ciphers (AES-128/AES-192/AES-256/3DES)
• Improved service detection — a new service detection plugin (find_service.nasl) replaces the old find_service.nes
• On Unix systems, the initial plugin processing now takes advantage of multi-core CPUs
• nessusd.rules now let you tune which plugins are forbidden for a scan, and which ports can or can’t be connected to

Improvements to the Nessus TCP Scanner

• Simplified preferences — a new cursor option (firewall detection) lets the user better tune the scanner when running against a firewall or a slow link
• Improved RTT estimation and congestion detection by regularly probing unfiltered ports

Windows Specific changes

• NessusGUI.exe has been removed in favor of NessusClient.exe which is now bundled with the installer
• It is now possible to authenticate the clients via SSL certificates
• KB saving and other options common to the UNIX version of Nessus are supported on the Windows platform
• Installer now lets the user decide which components to install (server, client or both)
• When the scanner is registered with either a Direct or Registered feed, it will automatically fetch and process the new updates from nessus.org every 24 hours

Mac OS X Specific changes

• Nessus Client 3.2 includes a fixed a memory leak that occurred in the 3.0 version
• Nessus 3.2.0 now is a real universal binary

Linux platforms

Nessus 3.2 is now  available for the following Linux platforms :

• Debian 4 (i386 and amd64)
• Fedora 7 (i386)
• Fedora 8 (i386)
• Red Hat Enterprise Linux 3, 4 and 5 (i386)
• Red Hat Enterprise Linux 5 (x86_64)
• SuSE Linux 9.3 and 10.0 (i386)

NessusClient 3.2.0 specific changes

• A new ‘network’ tab when editing a policy, lets the user control some Nessus 3.2 specific options  such as maximum TCP sessions.
• Fixed several bugs which might cause the client to crash in the middle of a scan.
• Opening a large .nessus file in the client now takes less time.

For more Information

Nessus 3.2.0 can be obtained at http://www.nessus.org/

Feedback and bug reports can be sent to http://bugs.nessus.org/

Demo videos of Nessus 3.2, including an 8 minute introduction video for new users, are available online.

Nessus documentation is available here:  http://www.tenablesecurity.com/documentation/