Nessus Network Auditing

Network and computer security is a primary concern for many companies today. Legislation such as HIPAA, GLBA and the Sarbanes-Oxley Act mandate a certain level of security for corporate networks to adhere to for some industries. Security is often quite expensive though. Open source tools can help administrators secure their networks for little to no money. Nessus, an open source tool, is one of the best vulnerability scanners around.

Open Source Security Tools

Since the Nessus Project began in 1998, Nessus has forged new paths and led the pack when it comes to vulnerability scanning and assessment tools. The fact that it is an open source project and that the software is available for free makes it all the more valuable.

While corporations often shy away from open source tools, some of the best programs available in the various genres of security software are available for free under open source licensing. Products such as Nessus, Ethereal (packet sniffer) and Snort (intrusion detection system) prove that you don't have to spend big bucks to get top quality software.

There are a few different possible theories for why a company would avoid open source software. First, the fact that it is open source and any would-be attacker can view the code for the software is seen by some as a security issue in and of itself. Second, managers like bells and whistles. They want snazzy interfaces and flashy reporting- extras often lacking in open source tools which tend to focus on functionality.

Those that can see past these "issues" will find that open source security tools are often every bit as good as their commercial counterparts and can save thousands of dollars for the company.

My Review

This is the third book in Jay Beale's Open Source Security Series from Syngress Publishing and it is every bit as good as the first two. It certainly doesn't hurt to have the founder of the Nessus Project be one of the leading contributors to the book.

The book begins with an overview of the basic concept of vulnerability assessment and how a scan can be used to proactively detect holes and protect the network. After a brief introduction to the founding of the Nessus Project and the birth of the Nessus software the book goes into comprehensive detail about how to install, configure, administer, and employ the full functionality of Nessus to secure and protect your network.

Some of the most valuable information is contained in the chapters describing how to interpret the results of a Nessus scan and how to handle false positives. The book also provides information about the Nessus Knowledge Base and the Nessus User Community - two valuable resources for further information. The enclosed CD contains full versions of Nessus, Ethereal and Snort as well as NeWT, a standalone security scanner for Windows based on Nessus.

Nessus is an excellent tool and this book is an invaluable resource in helping you get the most out of it.