According to Nessus.org, Nessus is the world s most popular vulnerability scanner. The Nessus scanner is available for free from the Web site www.nessus.org; however, the licensing changed between versions 2.0 and 3.0 from General Public License (GPL) to a closed-source license.

Nessus consists of a server that performs scanning and a client that configures and controls the server. A typical scan starts with a port scan of the target using either nmap or Nessus built-in port scanner. Next, Nessus determines what service is running on each discovered open port so that it can test the service against a database of vulnerabilities.The actual testing is performed by individual plugins that are written in the Nessus Attack Scripting Language (NASL). Nessus allows you to configure which plugins are enabled for a particular scan, which allows you to perform a light scan that is less likely to break services and hosts, or a thorough scan that checks for every applicable vulnerability in Nessus database of plugins.There is also a plugin for updating Nessus, which checks for new plugins over the Internet.

While Nessus can be very effective at identifying vulnerabilities in systems, it sometimes produces false positives.Therefore, it is necessary to examine the results to determine whether a discovered vulnerability actually exists. False positives are very common in vulnerability scanners.They often occur when certain tests rely on version information reported from the service, which does not always tell you whether patches have been applied.