Penetration Testing mailing list archives
Re: Nessus 3.0 released
From: Brian Smith-Sweeney <bsmithsweeney () nyu edu>
Date: Tue, 13 Dec 2005 15:25:56 -0500
Just installed it this morning without the pay feed. Scans were run against the known open ports on an Oracle server I then scanned with an older (2.2.5) version of nessus, with all plugins enabled and "optimize the test", "safe checks", and "consider unscanned ports as closed" disabled. Port list was default. Note that the older version of nessus *did* have access to the direct feed, hence (I assume) the discrepancy in plugin numbers. This isn't a dedicated host, but the other processes were fairly consistent through both tests.

Given this setup I don't know if one would consider these "hard" numbers, but I'll provide them since I was doing this for myself anyway. I ran the tests twice each, but only posted the results from one set since they were very similar.

Host information
================
SunFire V60x Server
Red Hat Enterprise Linux AS release 3 (Taroon Update 6)
Linux 2.4.21-20.ELsmp #1 SMP Wed Aug 18 20:46:40 EDT 2004 i686 i686 i386 GNU/Linux
4 x Intel(R) Xeon(TM) CPU 2.80GHz
MemTotal: 4099448 kB
10kRPM Ultra 320 SCSI drives

sample loadavg before scans:
0.01 0.11 0.09 1/117 8885

sample vmstat without scans:
procs                       memory      swap          io     system             cpu
 r  b   swpd   free   buff   cache   si   so    bi    bo   in    cs  us  sy  id  wa
 0  0   7092  55296 166556 3442644    0    0     1     0    0     0   0   0   0   0
 0  0   7092  55296 166556 3442644    0    0     0     0  123   213   0   0 100   0
 0  0   7092  55296 166556 3442644    0    0     0     0  116   186   0   0 100   0

Nessus 2.2.5 (~9862 tests run)
=============================
start: [Tue Dec 13 13:34:52 2005][17406] : testing <target> [17409]
finish: [Tue Dec 13 13:46:26 2005][17409] Finished testing <target>. Time : 694.30 secs

biggest load spike (/proc/loadavg):
1.35 0.55 0.29 3/120 26803

associated vmstat output:
procs                       memory      swap          io     system             cpu
 r  b   swpd   free   buff   cache   si   so    bi    bo   in    cs  us  sy  id  wa
 2  0   7092  28536 166316 3405004    0    0     1     0    0     1   0   0   0   0
 2  0   7092  29108 166316 3402688    0    0     0   604  153  1434  17  31  47   5
 1  0   7092  27712 166316 3402456    0    0     0     0  151  1598  13  34  53   0

near most common load (eyeball estimate):
0.20 0.39 0.26 1/117 27468

associated vmstat output:
procs                       memory      swap          io     system             cpu
 r  b   swpd   free   buff   cache   si   so    bi    bo   in    cs  us  sy  id  wa
 0  0   7092  37880 166324 3401264    0    0     1     0    0     1   0   0   0   0
 0  0   7092  37876 166324 3401264    0    0     0   212  122   597   0   0  96   4
 0  0   7092  37872 166324 3401264    0    0     0     0  113   576   0   0  99   0

Nessus 3.0.0 (~9674 tests run)
=============================
start: [Tue Dec 13 13:57:20 2005][28012] : testing <target> [28014]
finish: [Tue Dec 13 14:10:33 2005][28014] Finished testing <target>. Time : 793.23 secs

biggest load spike:
0.35 0.23 0.18 1/122 28587

associated vmstat output:
procs                       memory      swap          io     system             cpu
 r  b   swpd   free   buff   cache   si   so    bi    bo   in    cs  us  sy  id  wa
 0  0   7092  25268 166508 3446940    0    0     1     0    0     1   0   0   0   0
 0  0   7092  25252 166508 3446940    0    0     0     0  113   391   0   0 100   0
 0  0   7092  25252 166508 3446940    0    0     0     0  110   410   0   0 100   0

near most common load (eyeball estimate):
0.25 0.22 0.18 1/121 28599

procs                       memory      swap          io     system             cpu
 r  b   swpd   free   buff   cache   si   so    bi    bo   in    cs  us  sy  id  wa
 0  0   7092  35768 166508 3446940    0    0     1     0    0     1   0   0   0   0
 0  0   7092  35768 166508 3446940    0    0     0     0  145   270   0   0 100   0
 0  0   7092  35768 166508 3446940    0    0     0     0  139   255   0   0 100   0

Other notes:
=============
* The client is *very* different. Seems more task/project/workflow influenced. It'll take some getting used to and I will reserve judgment.
* Server startup is faster with new version (12.9 seconds vs 1.4).
* Login via GUI is both faster and more verbose with new version (40 seconds vs 5)

All in all I'm pleased with the new version. If anyone wants more background data let me know.

Cheers,
Brian

Erin Carroll wrote:
Tenable released Nessus 3.0 yesterday. More information at http://www.tenablesecurity.com/news/pr37.shtml

New licensing debates aside, has anyone yet had a chance to test this new version out? As a long-time user of Nessus, I'm curious just how improved the performance is, especially on server-side resource utilization. Has anyone had a chance to run comparison tests between the old and new versions yet?

Renaud, I know you and some others from Tenable lurk on this list. Any comments or hard numbers you could provide on the performance differences (or other areas of improvement like reporting) would be very welcome.

-Erin Carroll
Moderator
SecurityFocus pen-test list