52ky 发表于 2022-9-10 13:49:02

全S界最多人使用的系统漏洞扫描与分析软件Nessus

Nessus被认为是现在全世界最多人使用的系统漏洞扫描与分析软件。总共有超越75,000个组织使用Nessus作为扫描该组织电脑系统的软件。
提供完整的电脑漏洞扫描服务,并随时更新其漏洞数据库。
不同于传统的漏洞扫描软件,Nessus可一起在本机或远端上摇控,进行系统的漏洞分析扫描。
其运作效能能随着系统的资源而自行调整。假如将主机参加更多的资源(例如加快CPU速度或添加内存大小),其效率发挥可由于丰厚资源而提升。
可自行定义插件(Plug-in)
NASL(NessusAttackScriptingLanguage)是由Tenable所开发布的言语,用来注入Nessus的安全测试选项。
完整支持SSL(SecureSocketLayer)。
自从1998年开发至今已谕十年,故为一架构成熟的软件。选用客户/服务器系统结构,客户端提供了运行在Xwindow下的图形界面,承受用户的命令与服务器通信,传送用户的扫描恳求给服务器端,由服务器启动扫描并将扫描结果出现给用户;扫描代码与漏洞数据彼此独立,Nessus用于每一个漏洞有一个对应的插件,漏洞插件是用NASL(NESSUSAttackScriptingLanguage)编写的一小段模拟攻击漏洞的代码,这种使用漏洞插件的扫描技术极大的方便了漏洞数据的保护、更新;Nessus具有扫描恣意端口恣意服务的才能;以用户指定的格式(ASCII文本、html等)生成具体的输出报告,包括方案的脆弱点、怎样修补漏洞以避免黑客入/侵及风险等级。

(Nessus is considered to be the most widely used system vulnerability scanning and analysis software in the world. In total, more than 75,000 organizations use Nessus as the software to scan the organization's computer systems.
Provide a complete computer vulnerability scanning service and update its vulnerability database at any time.
Different from traditional vulnerability scanning software, Nessus can be remotely controlled together on the local machine or remote to perform system vulnerability analysis and scanning.
Its performance can be adjusted according to the system resources. If you add more resources to the host (such as speeding up the CPU or increasing the size of memory), its efficiency can be improved due to the abundance of resources.
Customizable plug-ins (Plug-in)
NASL (NessusAttackScriptingLanguage) is a language developed by Tenable to inject Nessus security testing options.
Full support for SSL (SecureSocketLayer).
It has been ten years since it was developed in 1998, so it is a software with mature architecture. The client/server system structure is selected, the client provides a graphical interface running under Xwindow, accepts the user's command to communicate with the server, transmits the user's scan request to the server, and the server starts the scan and displays the scan result to the user; scan code The vulnerability data is independent of each other. Nessus has a corresponding plugin for each vulnerability. The vulnerability plugin is a small piece of code written in NASL (NESSUSAattackScriptingLanguage) to simulate attacking vulnerabilities. This scanning technology using vulnerability plugins greatly facilitates vulnerabilities. Data protection, update; Nessus has the ability to scan any port and any service; generate specific output reports in user-specified formats (ASCII text, html, etc.), including program vulnerabilities, how to fix vulnerabilities to avoid hacking/invasion Risk level.)




页: [1]
查看完整版本: 全S界最多人使用的系统漏洞扫描与分析软件Nessus