(Nessus is considered to be the most widely used system vulnerability scanning and analysis software in the world. In total, more than 75,000 organizations use Nessus as the software to scan the organization's computer systems.
Provide a complete computer vulnerability scanning service and update its vulnerability database at any time.
Different from traditional vulnerability scanning software, Nessus can be remotely controlled together on the local machine or remote to perform system vulnerability analysis and scanning.
Its performance can be adjusted according to the system resources. If you add more resources to the host (such as speeding up the CPU or increasing the size of memory), its efficiency can be improved due to the abundance of resources.
Customizable plug-ins (Plug-in)
NASL (NessusAttackScriptingLanguage) is a language developed by Tenable to inject Nessus security testing options.
Full support for SSL (SecureSocketLayer).
It has been ten years since it was developed in 1998, so it is a software with mature architecture. The client/server system structure is selected, the client provides a graphical interface running under Xwindow, accepts the user's command to communicate with the server, transmits the user's scan request to the server, and the server starts the scan and displays the scan result to the user; scan code The vulnerability data is independent of each other. Nessus has a corresponding plugin for each vulnerability. The vulnerability plugin is a small piece of code written in NASL (NESSUSAattackScriptingLanguage) to simulate attacking vulnerabilities. This scanning technology using vulnerability plugins greatly facilitates vulnerabilities. Data protection, update; Nessus has the ability to scan any port and any service; generate specific output reports in user-specified formats (ASCII text, html, etc.), including program vulnerabilities, how to fix vulnerabilities to avoid hacking/invasion Risk level.)