Nessus is a free and open-source vulnerability scanner that allows administrators to audit the security of systems and networks. It checks for vulnerabilities, misconfigurations, missing security patches, default passwords and denial of service. Nessus has a client-server architecture that allows scanning of multiple hosts simultaneously from one PC. It produces comprehensive reports that are exportable to formats like HTML and LaTeX.
What Is Nessus?
Nessus is a network security scanner that system administrators should use. Nessus is free software that can be downloaded at no cost. Nessus is scanning software that can be used to audit the security of a system: vulnerabilities, misconfigurations, security patches that have not been applied, default passwords, and denial of service. Nessus also serves to monitor network traffic.
Nessus Features
• 1. Plug-in architecture
Every security test is written as an external plugin. With this feature, we can easily add the tests we want without having to read the code of the nessusd engine.
• 2. NASL (Nessus Attack Scripting Language)
NASL is a language designed for writing security test programs easily and quickly. Besides NASL, the C language can also be used to write security test programs.
• 3. Up-to-date security vulnerability database.
• 4. Client-server architecture
The Nessus security scanner consists of two parts: a server that performs the attacks, and a client that serves as the frontend. The client and server can run on different systems. This feature means that an entire network can be audited from a single PC, with the server carrying out the attacks against the target network.
• 5. Can test a large number of hosts at the same time.
• 6. Multiple services
If there are two web servers on the target host, Nessus will test both web servers.
• 7. Smart service recognition
Nessus does not assume that the target host uses the standard ports assigned by IANA. This means Nessus can recognise a web server running on a non-standard port (for example port 8080), or an FTP server running on port 31337.
• 8. Complete reports.
• 9. Exportable reports.
The Unix client can export reports as ASCII text, HTML, LaTeX, etc.
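The "smart service recognition" feature above rests on one idea: decide what a service is from what it says, not from the port it listens on. The following Python is an added example written for these slides (it is not Nessus code and not from the original presentation). It classifies a server's first response bytes with a small set of protocol signatures and flags any known service found away from its IANA default port; the signatures, the default-port table and the banners are constructed assumptions for illustration.

```python
"""Recognise a network service from its banner, not from its port number.

Added example (not part of the original slides, not Nessus code).  It mimics
the 'smart service recognition' idea: classify the first bytes a server sends
and flag services that sit on a port other than their IANA-assigned default.
All banners below are constructed sample data; no network access is performed.
"""
import re

# IANA default ports for the small set of protocols we recognise (assumption).
IANA_DEFAULT_PORTS = {"http": {80}, "ftp": {21}, "ssh": {22}, "smtp": {25}}

# Ordered (protocol, pattern) pairs matched against the raw first response.
# FTP is tried before SMTP because both start with a "220" greeting line.
SIGNATURES = [
    ("ssh", re.compile(rb"^SSH-\d\.\d-")),
    ("ftp", re.compile(rb"^220[ -].*FTP", re.IGNORECASE)),
    ("smtp", re.compile(rb"^220[ -].*(SMTP|ESMTP)", re.IGNORECASE)),
    ("http", re.compile(rb"^HTTP/\d\.\d \d{3}")),
]


def identify_service(banner: bytes) -> str:
    """Return the protocol name matching a banner, or 'unknown'."""
    for name, pattern in SIGNATURES:
        if pattern.search(banner):
            return name
    return "unknown"


def classify(port: int, banner: bytes) -> dict:
    """Combine the banner verdict with the port number.

    'mismatch' is True when a recognised service runs somewhere other than its
    IANA default port: exactly the case a port-number-only check would miss.
    """
    service = identify_service(banner)
    expected = IANA_DEFAULT_PORTS.get(service, set())
    return {
        "port": port,
        "service": service,
        "mismatch": service != "unknown" and port not in expected,
    }


# Constructed sample observations: (port, first response bytes).
SAMPLE_OBSERVATIONS = [
    (80, b"HTTP/1.1 200 OK\r\nServer: Apache\r\n\r\n"),
    (8080, b"HTTP/1.0 404 Not Found\r\nServer: nginx\r\n\r\n"),
    (31337, b"220 ProFTPD Server ready.\r\n"),
    (22, b"SSH-2.0-OpenSSH_8.9\r\n"),
    (2525, b"220 mail.example.test ESMTP Postfix\r\n"),
    (4444, b"\x00\x01\x02garbage"),
]


def audit(observations=SAMPLE_OBSERVATIONS) -> list:
    """Classify every observation and return the list of verdict dicts."""
    return [classify(port, banner) for port, banner in observations]


if __name__ == "__main__":
    for r in audit():
        flag = "  <- known service on a non-standard port" if r["mismatch"] else ""
        print(f"port {r['port']:>5}: {r['service']}{flag}")
```

Run stand-alone, the script lists the web server on 8080, the FTP server on 31337 and the mail server on 2525 as recognised services on non-standard ports, while the unreadable banner on 4444 stays "unknown" and is not flagged, since a mismatch verdict only makes sense once the service itself has been identified.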
Types of Audits in Nessus
• credentialed and un-credentialed port scanning
• network-based vulnerability scanning
• credentialed patch audits for Windows and most UNIX platforms
• credentialed configuration auditing of most Windows and UNIX platforms
• robust and comprehensive credentialed security testing of 3rd-party applications
• custom and embedded web application vulnerability testing
• SQL database configuration auditing
• software enumeration on Unix and Windows
• testing anti-virus installs for out-of-date signatures and configuration errors
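Whatever audit type produced them, the findings end up in the exported report, and the practical follow-up question is how to consume that report without reading it by hand. The Python below is an added example for these slides, not code from the presentation or from Tenable. It assumes the XML layout of the .nessus v2 export (NessusClientData_v2 / Report / ReportHost / ReportItem with the port, svc_name, protocol, severity, pluginID and pluginName attributes), which the slides do not mention; the embedded document, its host addresses, plugin IDs and plugin names are constructed sample data.

```python
"""Summarise findings from a Nessus XML export.

Added example (not from the slides, not Nessus code).  Assumes the element and
attribute names of the .nessus v2 export format.  The sample document below is
constructed: the hosts are documentation addresses and the plugin IDs/names are
placeholders, not real Nessus plugins.
"""
import xml.etree.ElementTree as ET
from collections import Counter

# Nessus severity levels as used in the 'severity' attribute (0 = informational).
SEVERITY_NAMES = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

# Constructed sample export: two hosts, four findings.
SAMPLE_NESSUS_XML = """<NessusClientData_v2>
  <Report name="lab-scan">
    <ReportHost name="192.0.2.10">
      <ReportItem port="22" svc_name="ssh" protocol="tcp" severity="0"
                  pluginID="1" pluginName="Placeholder: SSH banner (constructed)">
        <plugin_output>SSH-2.0-example</plugin_output>
      </ReportItem>
      <ReportItem port="8080" svc_name="www" protocol="tcp" severity="2"
                  pluginID="2" pluginName="Placeholder: default web page (constructed)">
        <risk_factor>Medium</risk_factor>
      </ReportItem>
      <ReportItem port="0" svc_name="general" protocol="tcp" severity="3"
                  pluginID="3" pluginName="Placeholder: missing patch (constructed)">
        <risk_factor>High</risk_factor>
      </ReportItem>
    </ReportHost>
    <ReportHost name="192.0.2.11">
      <ReportItem port="21" svc_name="ftp" protocol="tcp" severity="1"
                  pluginID="4" pluginName="Placeholder: anonymous FTP (constructed)">
        <risk_factor>Low</risk_factor>
      </ReportItem>
    </ReportHost>
  </Report>
</NessusClientData_v2>
"""


def parse_report(xml_text: str) -> list:
    """Return one dict per ReportItem, carrying the host it was found on."""
    root = ET.fromstring(xml_text)
    findings = []
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            findings.append({
                "host": host.get("name"),
                "port": int(item.get("port")),
                "protocol": item.get("protocol"),
                "service": item.get("svc_name"),
                "severity": int(item.get("severity")),
                "plugin_id": item.get("pluginID"),
                "plugin_name": item.get("pluginName"),
            })
    return findings


def severity_counts(findings: list) -> dict:
    """Count findings per severity name, including zero entries."""
    counts = Counter(SEVERITY_NAMES[f["severity"]] for f in findings)
    return {name: counts.get(name, 0) for name in SEVERITY_NAMES.values()}


def worst_per_host(findings: list) -> dict:
    """Map each host to the name of its highest severity finding."""
    worst = {}
    for f in findings:
        worst[f["host"]] = max(worst.get(f["host"], 0), f["severity"])
    return {host: SEVERITY_NAMES[sev] for host, sev in worst.items()}


def findings_at_least(findings: list, min_severity: int) -> list:
    """Findings at or above min_severity, most severe first, then by host/port."""
    return sorted((f for f in findings if f["severity"] >= min_severity),
                  key=lambda f: (-f["severity"], f["host"], f["port"]))


if __name__ == "__main__":
    found = parse_report(SAMPLE_NESSUS_XML)
    print("by severity:", severity_counts(found))
    print("worst per host:", worst_per_host(found))
    for f in findings_at_least(found, 2):
        print(f"{f['host']}:{f['port']}/{f['protocol']} "
              f"[{SEVERITY_NAMES[f['severity']]}] {f['plugin_name']}")
```

Port 0 with the "general" service is how host-level findings (patch or OS checks rather than a listening service) appear in the export, so the parser keeps it as an ordinary integer rather than treating it as an error.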
Nessus Hardware Specifications
Nessus Hardware Requirements
Scenario: Nessus managing up to 50,000 hosts
  CPU: 1 dual-core 2 GHz CPU
  Memory: 2 GB RAM (4 GB RAM recommended)
  Disk space: 30 GB
Scenario: Nessus managing more than 50,000 hosts
  CPU: 1 dual-core 2 GHz CPU (2 dual-core recommended)
  Memory: 2 GB RAM (8 GB RAM recommended)
  Disk space: 30 GB (additional space may be needed for reporting)
Suggested Nessus Manager Hardware Requirements
Scenario: Nessus Manager managing 30,000 agents
  CPU: Multiple cores, but prioritize the number of GHz over the number of cores.
  Memory: 64 GB RAM
Nessus Software Specifications
Nessus Manager and Nessus Professional: supported operating system versions
• Linux
  • Debian 6, 7, and 8 / Kali Linux 1, 2, and Rolling - i386
  • Debian 6, 7, and 8 / Kali Linux 1, 2, and Rolling - AMD64
  • Red Hat ES 5 / CentOS 5 / Oracle Linux 5 (including Unbreakable Enterprise Kernel) - i386
  • Red Hat ES 5 / CentOS 5 / Oracle Linux 5 (including Unbreakable Enterprise Kernel) - x86_64
  • Red Hat ES 6 / CentOS 6 / Oracle Linux 6 (including Unbreakable Enterprise Kernel) - i386
  • Red Hat ES 6 / CentOS 6 / Oracle Linux 6 (including Unbreakable Enterprise Kernel) - x86_64
  • Red Hat ES 7 / CentOS 7 / Oracle Linux 7 (including Unbreakable Enterprise Kernel) - x86_64
  • FreeBSD 10 - AMD64
  • Fedora 20 and 21 - x86_64
  • SUSE 10.0 Enterprise - x86_64
  • SUSE 11 Enterprise - i586
  • SUSE 11 Enterprise - x86_64
  • Ubuntu 11.10, 12.04, 12.10, 13.04, 13.10, 14.04, and 16.04 - i386
  • Ubuntu 11.10, 12.04, 12.10, 13.04, 13.10, 14.04, and 16.04 - AMD64
• Windows
  • Windows 7, 8, and 10 - i386
  • Windows Server 2008, Server 2008 R2*, Server 2012, Server 2012 R2, Server 2016, 7, 8, and 10 - x86-64
  Tip: Windows Server 2008 R2's bundled version of Microsoft IE does not interface with a Java installation properly. This causes Nessus to not perform as expected in some situations; Microsoft's policy recommends not using MSIE on server operating systems.
  For increased performance and scan reliability when installing on a Windows platform, it is highly recommended that Nessus be installed on a server product from the Microsoft Windows family, such as Windows Server 2008 R2.
• Mac OS X
  • Mac OS X 10.8, 10.9, 10.10, 10.11, and 10.12 - x86-64
Advantages and Disadvantages
Item: Single server performs scans and captures results to a database
  Advantage: High-performance capture of data with minimum results-reporting impact on the network.
  Disadvantage: Forces a centralized server architecture where all scans take place from a single server.
Item: Open-source product
  Advantage: Low cost of ownership. Can be customized by an end user with technical knowledge.
  Disadvantage: No support without an extra fee. Requires greater knowledge to install and operate the product.
Item: The user can compile the binary
  Advantage: Operates on multiple platforms (OSs/CPUs).
  Disadvantage: Requires strong knowledge about the target systems and open-source software.
Item: An optimized version of Nessus is recommended for scanning Windows XP SP2 platforms to avoid false negatives
  Disadvantage: Scalability problem: if your organization has a mix of architectures (e.g., Linux and Windows), then it is possible that two versions may come into use, or you are better off using a Windows version.
Item: Professional feeds provide immediate updates
  Advantage: Receiving immediate updates for the latest vulnerabilities is obviously good.
  Disadvantage: You must pay for this, but the cost is likely the same as or cheaper than other products.
Item: Home feeds provide free vulnerability updates
  Advantage: This is a good way to get started evaluating the tool.
  Disadvantage: This is not for commercial use.
Item: Plug-ins
  Advantage: These elements of Nessus allow for extensibility and customization commonly beyond what other products offer.
  Disadvantage: The increased complexity requires considerable knowledge and experience to deploy.
Item: NASL [*]
  Advantage: This tool allows the user to script and run specific vulnerability checks. These checks provide a lot of control where most products do not.
  Disadvantage: Knowledge of NASL and how to use it at the command line is necessary.
[*] Nessus Attack Scripting Language