Friday, November 18, 2005

Nessus: Security Scanning on Linux and Windows

There are some great tools available for Linux. Unfortunately, a lot of people don't use them for a variety of reasons. They don't understand Linux, and there's no standard interface on Linux, except for the über-powerful command line. (I'm still annoyed that most distributions set the default boot to the GUI.)


Nessus is one of those tools. It installs easily from the command line and it has a friendly setup script. Once you complete it, you can start the Nessus server on your Linux box. Someone has even written a friendly Windows client for Nessus, so you can control your scans from Windows.


What's the point? Nessus is a powerful security scanner/vulnerability finder that probably matches most of what's on the market. It stores results to a database (or databases), has a diff feature so you can easily track changes over time, and has a great number of options. It has nearly 10,000 plugins to run platform-specific attacks, and it does a good job of OS fingerprinting.


So I continue experimenting with Nessus, on my own systems, of course. I can have a Nessus scan against my firewall open in one window and I can watch my firewall logs in another. (Remote syslog is cool. Who knew that even cheap routers can log to syslog?)


Competing products have sexier interfaces and reports, but they cost a lot more.


