Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Nessus 3.0 released

from [Josh Perrymon] Network Security [Permanent Link]
Subject: RE: Nessus 3.0 released
Date: Tue, 13 Dec 2005 15:32:07 -0600 
I just got my dependency issues cleared up on my Auditor HD install..

I installed the GTK client and got 3.0 up and running..

MUCH MUCH Faster.  I'm very impressed.

The new NessusClient will take some time to master but I like what I
see.

J Perrymon 

-----Original Message-----
From: Erin Carroll [mailto:amoeba@amoebazone.com] 
Sent: Tuesday, December 13, 2005 3:44 PM
To: Renaud Deraison
Cc: pen-test@securityfocus.com
Subject: Re: Nessus 3.0 released

On Tue, 13 Dec 2005, Renaud Deraison wrote:

Thanks for the response Renaud. My comments are inline below:


In terms of performance, the "raw" nasl3 performance is roughly 16x 
faster than nasl2, which puts the language on par with more 
traditional languages like perl (and faster than python). In some 
corner cases you can get an even more impressive performance 
improvement, for instance when using recursive functions.

Of course, since Nessus is a _network_ scanner, the bottleneck in the 
end is the network itself, so a nasl engine which is N times faster 
does not imply a scanner which is N times faster. An overall scan of 
our lab (local network) takes twice as less time as it used to.
However some hosts are much faster -- in particular the Windows boxes 
(the reason is that our SMB API is more complex code-wise that what it



used to be, so that's where one can see the biggest boost).


Sweet. Can't wait to test it out and crunch some comparisons myself.

One key performance issue I've run into (and I'm prbably not alone here)
is the inability to easily manage the nessus server-side resource
utilization when working with large numbers of hosts. While you can of
course limit the number of consecutive scans, or even nice nessusd
itself, there are many cases where the resource bottleneck is due to a
particular plugin or a well filtered host (as you allude). Is there
capability within the engine itself (or plans to implement) a way for
nessusd to set resource limits that don't rely on variables like the #
of scanned hosts/concurrent scan threads? I.e. nessus can use up to X
%age of available memory/cpu/IO and self-throttle.

Trying to find that sweet spot for # of host scanned vs. memory/resource
utilization can sometimes mean the difference between a scan taking
several hours and a couple of *days*... and the less juggling/guesswork
on where that sweetspot would make me a happy camper.


- We have also fixed many false positives over the last months. To 
such an extent that we'll soon announce a "contest" were anyone 
helping us fix 10 different false positives (and negatives) will 
obtain a free direct feed, so we can be sure the nail the remaining 
plugins which sometimes do not behave as expected (I'll repost about 
that very soon).


Please let me know when you plan to roll that out and I'll make sure to
pass it on to the pen-test list members.


-Erin Carroll
Moderator
SecurityFocus pen-test list


------------------------------------------------------------------------
------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on
your 
website. Up to 75% of cyber attacks are launched on shopping carts,
forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are 
futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before
hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------
-------





------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Nessus 3.0 released, Renaud Deraison
Next by Date:  Re: Cracking WEP and WPA keys, Robert Baldi
Previous by Thread:  RE: Nessus 3.0 released, Josh Perrymon
Next by Thread:  Re: RE: Nessus 3.0 released, nospam
Indexes:  [Date] [Thread] [Top] [All Lists]