Nessus is an open source, comprehensive cross-platform vulnerability scanner with CLI and GUI interfaces. The basic...
components of Nessus include:
- The Nessus Client and Server Model
- The Nessus Plugins
- The Nessus Knowledge Base
Nessus works by performing a step-by-step review. Here are the basic steps:
- Inventory network devices
- Identify targets
- Create a plugin policy
- Launch a scan
- Analyze the reports
- Remediate and repair
Most networks are rather large so instead of trying to scan an entire network, classify the hosts into groups and then scan each group. Just from the data standpoint this will make the job easier as you will have such a massive amount of data to review.
Now comes the last and what some may feel is the hardest step: remediate and repair. Most vulnerability assessment tools like Nessus offer remediation advice, and although the tools have proven to be accurate, your mileage may vary. Therefore, I recommend that you carefully research all remediation plans before taking any action.
Dig Deeper on Network Security Monitoring and Analysis
Related Q&A from Michael Gregg
Enterprise security expert, Michael Gregg answers a question regarding port 3389 issues when a user tries to open port 3389 RDP on their router to ... Continue Reading
Security expert Michael Gregg discusses the disadvantages to a layered approach to enterprise security. Continue Reading
Security expert Michael Gregg fields a question about unknown network cards gaining access to a user's network. Continue Reading