O'Reilly logo

Mac® Security Bible by Joe Kissell

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

21.1. Using Nessus

Nessus, widely regarded as the most comprehensive network vulnerability scanner currently available, is a commercial program distributed by Tenable Network Security (www.nessus.org). Earlier versions of Nessus were open source, and while the current version isn't, it's available at no charge for personal use. Commercial use requires a ProfessionalFeed Subscription, which costs $1,200 per year. The software is available for Mac OS X as well as Windows and several flavors of Linux. And unlike the other software described in this chapter, Nessus includes a full Mac OS X graphical interface rather than relying on the command line, a web browser, or X11 for user interaction.

21.1.1. Nessus overview

The overall design of Nessus takes a bit of getting used to, and it requires users to jump through a few hoops in order to get started. However, once you've done that, day-to-day operation of the software is quite simple, with all results provided in clear English.

The software consists of two modules: the Nessus Server and the Nessus Client. The server module performs the scanning, while the client module lets you interact with the server — sending it instructions and displaying the results it delivers. You can run the server and the client on the same computer or on different ones. If you're doing extensive testing on a large number of computers, you might want to install the client on some machine other than your regular Mac because it could adversely affect your Mac's ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required