Latest reply: Nov 11, 2010 1:30 PM by Renaud

Nessus 4.4.0 released

Renaud

Hi Everyone!

 

I'm pleased to announce the release of Nessus 4.4.0. This new version uses less memory, brings you scan scheduling, and allows you to reconfigure the scanner and update the plugins without interrupting your on-going scans.

 

Nessus 4.4.0 is available at http://www.nessus.org/download/

 

(Make sure that you update your plugins after the installation -- a lot of the new features are in the web server and in the new version of the flash UI)

 

There are screenshots available on our blog

 

Here's the detailed list of changes:

 

User interface

 

- Scan scheduling has been added for ProFeed users. It is now possible to ask Nessus to perform daily/weekly/monthly/yearly scans.

 

- Improved reports via a new reporting engine. Two new HTML reports have been added: detailed and "executive" (which summarizes the top 10 most vulnerable hosts on the network). Many more to come.

 

- The XSLT transformations now take place on the server, not in the user's web browser, for a unified, smoother user-experience

 

- The UI now supports multi-select to delete reports in bulk

 

- When the UI reloads the list of scans/policies/reports, the scrolled window stays where it was

 

- The web browser is up and listening as soon as nessusd starts, not when it has finished processing the plugins

 

- By clicking on "About" in the flash interface, it's now possible to see how many days remain on your ProFeed subscription (for online updates)

 

 

Security Center

 

- When a scanner is managed by SecurityCenter, its web interface is now enabled and updated automatically

 

- Scans managed by SecurityCenter use less memory

 

 

Backend

 

- Nessus can now reload its configuration file, plugins and web server while scans are in progress

 

- Further slashed the per-scan memory requirements. The average amount of memory needed per host is now down to ~1.3 megs (vs ~2.8 megs). This means that given the same amount of memory (and bandwidth permitting), you can double max_hosts in your scans

 

- It is now possible to tune Nessus to use less memory when idle (at the price of a moderate performance impact). If you use Nessus on a dedicated system, set "qdb_mem_usage = high" in nessusd.conf (default) and a lot of the backend will be pre-loaded. If you use Nessus on a non-dedicated system, set "qdb_mem_usage = low" in nessusd.conf and the memory usage while being idle will drop to less than a third of that (at the expense of using more disk space). Note that qdb_mem_usage = low is considered experimental for now

 

- It is possible to safely cipher all the policies (and the credentials they contain) by doing "nessusd -K" to set a master key. Once a key is set, the server will prompt the user (via the web interface) at startup.

 

- The web server now gzips its xmlrpc answers if the web client supports it

 

- The web server is more reactive

 

- The web server can make use of an SSL certificate chain

 

- Improved performance on Windows

 

New (often requested) platforms

 

- Fedora 14 build

- Ubuntu 10.10 build

- FreeBSD 8 build

- Oracle Linux is officially supported (via the RHEL ES5 packages)

 

(RHEL6 packages should be uploaded next week)

 

 

Misc

 

- "nasl -M" runs the scripts and their dependencies in command-line mode (thus easing the testing of scripts)

 

- nessuscmd --fast speeds up network discovery

 

- Fixed a few bugs in nessus -qSp