Key features include remote and local authorized security checks. □ Nessus is also constantly updated with more than 70000 plugins. A scripting language that are optimized for custom network interaction. □ The vulnerability tests available as subscriptions are written in NASL (Nessus attacks scripting language). □ In a typical operation, Nessus begins by performing a port scan to determine which ports are open on that target and then tries various exploits on the open ports. Besides that, attack like denials of service against the TCP/IP stack by using malformed packets. □ Nessus is able to call Hydra which is an external tool to launch a dictionary attack on the system. In addition, Misconfigurations like open mail relay, missing patches, use default passwords, common and blank passwords on some system accounts. This include the vulnerabilities that allow a remote hacker to control or access sensitive data on the system. □ Nessus allow scans for many types of vulnerabilities.
0 Comments
Leave a Reply. |