Jump to content
othman.bouayad

Nessus Community Edition

Recommended Posts

othman.bouayad

Hi, 

I have noticed that the latest version of Nessus Community Edition doesn't allow the scan of public ip addresses. 

What other freely available vulnerability scanner do you recommend ?

(I have heard a lot of good things about OpenVAS, but i have not tested it yet)

Thanks, 

  • Like 1

Share this post


Link to post
Anuj Sharma

Have you tried the NMap scripting engine? NMap has powerful scripts which can scan the target for vulnerabilities. They are located in the /usr/local/share/nmap/scripts/ directory if you are using backtrack 5. NMap scripts has also been covered in the Scanning module of Network Security as well.

 

OpenVAS has been forked out of Nessus, I haven't tried this as my employer has a professional version :rolleyes: , but do let us know your feedback if you give it a try.

 

There are various modules in Metasploit as well that can scan for vulnerabilites.

Share this post


Link to post
othman.bouayad

Hi, 

thanks anuj,  i did know about NSE scripts but usually theses scripts target a vulnerability or a very specific set of vulnerabilities;

I'll try OpenVas and try to give a feedback;

Best regards;

Share this post


Link to post
othman.bouayad

Hi i tried OpenVAS,

I found it quiet fast but not merely as comprehensive and intuitive to use as Nesssus.

Best regards

Share this post


Link to post
guier.mike

I would imagine if you learned nmaps scripting engine, that would provide all you need. other than that I havent tried out OpenVAS.

Share this post


Link to post
robertray

http://www.scip.ch/?labs.20130625 Vulnscan - nse scripts.

 

"Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service which is used to determine potential flaws according to the identified product. The data is looked up in an offline version of different vulnerability databases."

  • Like 1

Share this post


Link to post
othman.bouayad

Hi,

Thank you for your answer, i'll try vulnscan.

Best regards,

Share this post


Link to post
SnakeByte

Not trying to encourage you to abuse Nessus policy, but in case you performing a external scan on your home public ip, Nessus community edition still lets you scan "public ips" you can simply ignore the warning.

 

If you want to perform a professional/business scan which is not allowed by Nessus terms, I find OpenVAS 6 (self install not the one built into Kali) very satisfying, specially the new Web admin panel.

  • Like 1

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×