Network Security

Question 6

How is Nessus updated - in purely technical and administrative terms?

Nessus works in much the same way as anti-virus software: the plugins used to check for specific vulnerabilities should be kept up to date, because new ones are continuously being written as new vulnerabilities are discovered. Plugins can be written in any language, though usually they are written in NASL, Nessus' own language designed specifically for vulnerability testing. Each new plugin is usually written by someone in the Nessus community to test for a specific known vulnerability and/or industry best practices. When a new vulnerability is released to the public, a new plugin will typically be written in response and then submitted to nessus.org. The developers review it and then add it to the approved plugin list. For high-risk, high-profile vulnerabilities, the plugin is often released the same day the vulnerability information is publicly released. The "nessus-update-plugins" command (run as root) updates the plugins in your own Nessus system from the maintained list, but it is also possible to write your own plugins and to get plugins from sources other than nessus.org.