Nessus Scanner User Information

Nessus is a network-based vulnerability scanner that can connect to a network service, collect information about that service, and then compare the collected service information against known vulnerabilities.

Example Use Case

For example, you can use Nessus to scan your webserver. It will likely be able to determine the kind of webserver, its version, any enabled modules, and the host's underlying operating system. If the example host is running apache 2.1.0, Nessus will determine any known vulnerabilities for that version and provide them in its report, along with remediation advice (e.g., upgrade to 2.3.70). Nessus will also provide additional contextual information about the host, including open ports, identified network services, and traceroute information.

In addition to identifying services that contain known vulnerabilities, Nessus can help you find unnecessary services, and services that may be necessary but which are inadvertently open to the Internet (e.g., you may need MySQL, but you probably don't need it to be accessible from the internet). We encourage the use of vulnerability scanning in all production server, application, and host deployments.

Nessus Resources

• Known Issues
• Passwords
• Request a Nessus Account
• Request a Scan
• Running a Scan
• Support Request
• System Maintenance Times
• Target Preparation