Users login

Create an account »


Users login

Home » Hacking News » Nessus 2.0 is out

Nessus 2.0 is out

by Nikola Strahija on February 24th, 2003 Nessus is a vulnerability assessment tool available under the GNU General Public Licence (GPL). It runs on many Unix-like systems (Linux/FreeBSD/OpenBSD/ Solaris/IRIX/MacOSX and probably others) but can audit a wide range of hosts, ranging from HP printers to Windows XP.

Its complete list of features is available at

What is new in Nessus 2.0

The focus of Nessus 2.0 was to clean up the code and greatly improve the
speed of nessusd. As a result, the major changes are :

- Brand new NASL interpretor, totally re-written from scratch

- Extended the NASL language to support new operators and functions

- Smarter plugin scheduling algorithms, for better parallelism

- New ways to perform service detection - each plugin which positively
identifies a service registers it in the knowledge base. At the end
of the scan, services which have not been recognized are flagged and
appear in the report

- Greatly reduced memory usage

- Support for multiple CVE ids per plugin

- Support for Bugtraq IDs in the plugins

- New port scanner (synscan.nes) which computes the round trip time to
the remote host. As a result, scanning firewalled hosts is faster

- Slightly improved the HTML reporting

What is *not* new in Nessus 2.0

We did not change the GUI, so if you expect shiny new buttons, they're not
there. We prefered to focus on the engine for this release, the rest will
follow during the 2.1.x developement cycle.


Nessus 2.0 is available at

Release notes

These are platform-specific release notes :

o Linux

synscan.nes does not work against localhost, because of the way
the libpcap-0.4.x performs packet capture on the loopback interface.

o FreeBSD / OpenBSD / NetBSD

Be sure to create a lot of /dev/bpf on your system before installing
Nessus. You may want to check
before installing Nessus

o Mac OS X

MacOS X is supported, provided you installed the developer tools, Apple's X11
server and optionally GTK. Because of the very limited number of BPFs, you
may want to disable the 'ping host' plugin and use the tcp connect() port
scanner, as there is no easy way to increase those. Nessus includes a
workaround but we suggest you avoid using it at this time.

o Solaris

Be sure to use Bison 1.75 and gnu M4 when compiling Nessus


Packet capture does not work, so the 'ping host' plugin will always
return every host as being dead. Disable it, and use the tcp connect()
port scanner.

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »