The Nessus vulnerability scanner features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture.
Nessus 4.4.1 is a point release, containing several enhancements and minor bug fixes.
rom a user perspective, there is a new feature that allows the SYN scanner to be selectively throttled. A new setting, nessus_syn_scanner.global_throughput.max can be added to the nessusd.conf file. The option sets the maximum number of packets per second that Nessus will send during a SYN port scan (regardless of how many hosts are scanned in parallel).
In addition, several enhancements and bug fixes are included:
- When qdb_mem_usage is set to “High” (default), if Nessus fails to allocate enough memory to store the plugins DB, it switches to the “low” usage mode, instead of aborting
- The packet forgery subsystem is more scalable, which leads to faster network discovery (among other things)
- Consistency in characters permitted between command line user management and Nessus Web GUI
- MAC addresses now show up in .nessus v1 files
- Report generation speed has been improved
- Custom plugins handle the import() function better (they work now)
- The Nessus “generic” Linux build is now statically linked
- SuSE 11 now supported (32 and 64 bit platforms)
- The Ubuntu 10.10 builds now contain their own version of OpenSSL (Ubuntu silently disabled support for SSLv2)
- Fixed a Solaris “hang” issue happening during some scans
- Additional enhancements and bug fixes to the SYN Port Scanner
- Enhancements and bug fixes to several NASL functions, memory management (Linux, Win32) and Win32 robustness.