Nessus 1.2.0 released

From: Renaud Deraison (
Date: 04/18/02

Date: Thu, 18 Apr 2002 19:04:00 +0200
From: Renaud Deraison <>

The Nessus Team is pleased to announce the availability of Nessus 1.2.0

Nessus is a remote security scanner which has been developped since 1998.
It is free, open-sourced (GPLed) and updated very regularly (and currently
performs over 900 security checks)

What is new in Nessus 1.2, in comparison of Nessus 1.0 ?

A lot of changes took place during the two years Nessus 1.2 has been worked
on. Here's a non-exhaustive list :

- Security checks are run in parallel ;
- Full SSL support ;
- "safe checks" option (makes nessusd rely on a banner rather than take
  the risk to disable the remote service) ;
- "optimisations" option (make nessusd run "focused" tests (ie: IIS-specific
  tests on IIS, and so on...)
- Better CGI auditing ;
- IDS evasion options ;
- KB saving support (can be used for off-line security audits) ;
- Session saving support ;
- Differential scans ;
- New reports file formats ;
- Tuned security checks (for better performance) ;
- More configurable ;
- Improved SMB support (Nessus can log into a domain, and extracts more
  information from the tested hosts).
- Scales __much__ better ;
- Kazillions of bugs fixed ;
- And more !

Note that Nessus 1.2.x is the result of two years of work and
improvements, so not everything can be listed. Have a look at the changelogs
for full details (in nessus-core/CHANGES)

Where to get it

Nessus is available at :





Nessus 1.2.0 can be compiled on a wide range of Unixes, including :

        - Solaris
        - OpenBSD
        - FreeBSD
        - NetBSD
        - Red Hat Linux (and probably other distros)
        - Darwin / MacOS X
        - ...

A Win32 client (NessusWX) is available for the Win32 platform

More toys soon

A web interface allowing you to mount your own ASP business will be released
soon - keep an eye on our website for details about this :)

Bugs ? What bugs ??

If you find bugs or have enhancement requests, please send them to me


I'd like to thank everyone who tested and improved Nessus when it was labelled
as being unstable.

I would like to thank in particular Michel Arboi ( and
Michael Scheidell ( who both did an insanely big
amount of work for Nessus 1.2


                                -- Renaud

Renaud Deraison
The Nessus Project

---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see:

Relevant Pages

  • Re: Political Challenges Using Nessus
    ... Subject: Political Challenges Using Nessus ... > processes within your organization is to have a WRITTEN corporate security ... > necessary to ascertain and promote your corporate security requirements. ... I am impatient...I hate politics ..I know I can pull this ...
  • RE: The Ultimate Toolkit...
    ... The Windows port of Nessus is called NEWT and is sold by Tenable ... Security, a company that was at least partially started by the original ... If you are not the intended recipient any ...
  • Re: Nessus - open or closed source?
    ... While I cannot state who I work for due to security reasons, ... whether it be nessus or others. ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, forms, ...
  • RE: Political Challenges Using Nessus
    ... security and calls himself the Security Manager. ... Subject: Political Challenges Using Nessus ... My next challenge is the Manager of the Server and Network Group. ... I am impatient...I hate politics ..I know I can pull this off. ...
  • RE: The Ultimate Toolkit...
    ... Nessus, Renaud Deraison. ... There's also a Windows port of dig knocking around ... Penetration Tester | Security Consultant MIS Corporate Defence Solutions, ... to facilitate one-on-one interaction with one of our expert instructors. ...