replacement for Nessus

dmitriyko

Hi,

Please advise - can OpenVAS be a full replacement for Nessus? Those who use it - can you please tell a bit about its positive and negative sides?

Thank you

millwalll

I have used OpenVAS once or twice and it's not a bad tool compared with Nessus. As a free tool it's pretty good, but the main problem I find is Nessus just has more flexibility and the output files are easy to read and manage. When I have used OpenVAS I find myself fighting with it more; maybe I'm just more used to Nessus.

  • Like 1

butle49056

OpenVAS is open source Nessus. Nessus is just way easier and better and more user friendly and simpler and has a whole bunch of easy to configure conf options to scan network, web, for PCI, etc. OpenVAS is so complicated with all the stuff you got to do I just give up trying to use it. Even if you do somehow happen to get it up and running it is no better than Nessus because it is open source Nessus and made out of Nessus. I mean I am an intermediate ethical hacker and I had such a hard time and gave up because I can get Nessus up and running in 10 minutes on any machine and using any OS. Why hassle and waste time screwing with OpenVAS? Then again, I am not very patient.

Why did elearnsecurity.com not use OpenVAS in their WAPT training instead of using Nessus? I think that tells you something!!!!! I think millwalll's experience is pretty much par for the course. Of course there will always be those purists that love to waste their time insisting that once (after screwing with OpenVAS for many hours) you master it, you have really accomplished something and that it is very good. Like I said I do not have a lot of patience.

  • Like 2

dmitriyko

I am talking about OpenVAS because Nessus is commercial and proprietary. The free version allows scanning only local network hosts. How do you use Nessus? Buy a license, or... ?

butle49056

Nessus has a free community full version that is for personal home lab use to learn on.  If you use it for pen testing commercially to make money you have to buy a license. 

millwalll

I do think with the free community edition you are limited in how many hosts you can scan at once, but for a home lab that should be fine. If it is for commercial use then hands down Nessus would be worth paying for the licence; it will save you more time in the long run as the format is so much more readable and it's very easy to import and use with other tools, saving you time.

michal.orzechowski

Well in my humble opinion all automatic tools are not the best solutions for pentesters.

1. They all produce a lot of false alerts or irrelevant information.

2. They make you lazy.

3. They are more for automatic vuln detection to make you happy with PCI and all that stuff.

4. They may save you some time but only if you are dealing with English speaking customers and they are happy with English output. Otherwise translating tons of reports may be a time-consuming task :)

So my advice is to avoid them as much as you can.

Gabriel

"Well in my humble opinion all automatic tools are not the best solutions for pentesters."

I absolutely agree with Michal. Nessus gives you a vulnerability scan. It may not be a bad starting point, but by no means is it a pentest. I see too many people heavily rely on automated scan results and they end up missing quite a bit because of it.

If you are looking for free enterprise grade tools for vulnerability scanning take a look at Nexpose. The main limitation of the free version is that you can only scan 16 IP addresses at a time.

I prefer Nessus but I don't use it for pentesting. I use it for monitoring my company's patch management progress.

Nessus has a nice API so I was able to write a script that automatically handles scan scheduling and ticket creation for our Corp IT group.  In addition Corp IT staff are even able to request a retest on demand to validate that they have properly resolved the issue while having no real control or access over the scanner.
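
An added illustration of the scan-to-ticket and retest workflow described in the post above (not Gabriel's script and not part of the thread). It works on exported `.nessus` (v2) result files rather than calling the Nessus API; the sample exports, the `findings` and `reconcile` helpers and the severity threshold are assumptions, as is the premise that a host that did not respond is absent from the export.

```python
import xml.etree.ElementTree as ET

# Constructed .nessus (v2) exports; hosts, plugin IDs and names are invented for the example.
SCAN = """<NessusClientData_v2><Report name="weekly">
<ReportHost name="10.0.0.5">
<ReportItem port="445" protocol="tcp" severity="4" pluginID="900001"
  pluginName="Constructed: missing OS update"><solution>Apply the patch.</solution></ReportItem>
<ReportItem port="0" protocol="tcp" severity="0" pluginID="900002" pluginName="Constructed: host info"/>
</ReportHost>
<ReportHost name="10.0.0.9">
<ReportItem port="443" protocol="tcp" severity="2" pluginID="900003"
  pluginName="Constructed: outdated web server"><solution>Upgrade it.</solution></ReportItem>
</ReportHost></Report></NessusClientData_v2>"""

# Retest: 10.0.0.5 was patched; 10.0.0.9 did not answer, so it is absent from the export.
RETEST = """<NessusClientData_v2><Report name="retest">
<ReportHost name="10.0.0.5">
<ReportItem port="0" protocol="tcp" severity="0" pluginID="900002" pluginName="Constructed: host info"/>
</ReportHost></Report></NessusClientData_v2>"""


def findings(nessus_xml, min_severity=2):
    """Return (hosts seen, {finding key: ticket fields}) for items at or above min_severity."""
    hosts, found = set(), {}
    # Parse only exports from your own scanner; ElementTree is not hardened against hostile XML.
    for host in ET.fromstring(nessus_xml).iter("ReportHost"):
        hosts.add(host.get("name"))
        for item in host.iter("ReportItem"):
            severity = int(item.get("severity", "0"))
            if severity < min_severity:
                continue  # informational/low items do not become tickets
            key = (host.get("name"), item.get("port"), item.get("protocol"), item.get("pluginID"))
            found[key] = {"title": item.get("pluginName"), "severity": severity,
                          "solution": (item.findtext("solution") or "").strip()}
    return hosts, found


def reconcile(open_tickets, nessus_xml, min_severity=2):
    """Compare one scan with the open ticket keys; return (to_open, to_close, still_open)."""
    hosts, found = findings(nessus_xml, min_severity)
    to_open = {k: v for k, v in found.items() if k not in open_tickets}
    # Close only if the host is in this export: a host that was down proves nothing.
    to_close = {k for k in open_tickets if k not in found and k[0] in hosts}
    still_open = {k for k in open_tickets if k not in to_close}
    return to_open, to_close, still_open


if __name__ == "__main__":
    opened, _, _ = reconcile(set(), SCAN)
    print(reconcile(set(opened), RETEST))
```

Keying tickets on host, port, protocol and plugin ID is what lets a retest close exactly the finding that was fixed while leaving tickets for unreachable hosts open.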

michal.orzechowski

Gabriel, great idea with this script, really nice one :)

dmp

I used both. OpenVAS takes more time for the installation. Nessus in many cases is more accurate with the results. If you want to try another tool (limited only to web application vulnerability assessment), you can give a try to Vega http://www.subgraph.com/products.html, it should be already included in Kali Linux. I found it useful sometimes.

  • Like 1

dmitriyko

Thank you for the advice, shardn. OpenVAS installation typically is not a problem if I use Kali Linux - it is already there and needs a few commands to start. Will also look at Vega web scanner.

herman

I have used OpenVAS to play with in a homelab and once you got it running it would be ok. However I had a few times that one critical component did not want to start, wasted time fixing it and of course forgot to document the fix haha.

I'll have a look at Nexpose and Vega. For any commercial work I would use Nessus. This would be for compliance / patch management purposes. Never found scanners useful on a pentest as it is too noisy and mostly finds low hanging fruit which a good manual test plan will also discover.

  • Like 1

schuydorsey

OpenVAS is okay but the Greenbone frontend tool is awful in my opinion.

When it comes to vulnerability scanning for true vulnerability management, Nessus is superior in my opinion because of the reporting capabilities. In vulnerability management, the scanning is useless unless it can provide meaningful and actionable reporting.

But as I said, OpenVAS as a scanner is just fine. TraceCSO uses OpenVAS under the hood and produces great reports and management capabilities from the results.

  • Like 1

dmitriyko

Will play with OpenVAS more then :)

dmitriyko

Sad that TraceCSO doesn't have a free version..

schuydorsey

Yeah but TraceCSO is also a full on IT GRC platform and not just a vulnerability management tool. :) 
