Nessus Network Auditing

Chapter 5: Interpreting Results

Introduction

Nessus is a tool designed to help you evaluate risk.

The proof of the pudding is in the eating, it's said. Ultimately the proof of a vulnerability scanner is in the reports it outputs. For the Nessus scanner to be of any use, you must be able to read, interpret, and act on the data it generates. As anyone who's worked much with the Nessus scanner will attest, this is no simple task.

In this section, we compare reading Nessus reports to learning a new language. We consider how the reports have a background, history, and context, and how one can and must understand these to fully understand what the reports are actually saying. We also pose some key questions that need to be asked as the reports are being read, warn of common traps and pitfalls, and describe additional sources of information that can complement and complete the user-level reports.

We discuss two different GUI clients in this chapter, and evaluate the strengths and weaknesses of each in order to get the most out of reports.

The Nessus UI Basics

As you already know, the Nessus scanner architecture differentiates between the server and the client component. The Nessus client is responsible for generating and, in most cases, rendering the scan output. The two clients considered in this chapter are:

  • The Nessus GUI Client for X

  • The NessusWX Client for Windows

As far as reading the report output is concerned, both of these clients have simple and intuitive...
