With Nessus, you can perform authenticated scans against different operating systems such as Windows, Linux, and Mac OS via different methods such as SMB, SSH, SNMP, Telnet, etc. The scan will then come back with much more detailed information about a system. Vulnerability assessments are typically done by running authenticated scans, which means the scanner will authenticate against the systems its scanning. Most average users will not have more than 16 systems, and there is no need to run compliance checks or content audits on your home systems. Basically, the major differences between the two are that you can only scan up to 16 IP addresses per scanner, and you won’t be able to perform compliance checks and content audits with Nessus Home. Nessus is a vulnerability scanner developed by Tenable and there are two versions of it: Nessus Home and Nessus Professional. In this blog, I will guide you through the process of performing a VA against your network using Nessus Home. However, organizations should not be the only ones conducting VAs against their network average home users should also conduct vulnerability assessment against their network.
It is recommended that you conduct a VA against your organization’s network every quarter, and if your organization follows certain policy and standards, such as PCI DSS, VA is a requirement. VA is a process of identifying security vulnerabilities in a system. If you work in the field of Information Technology, you have probably heard of Vulnerability Assessment (VA). Part One of a Two-Part series Introduction