Book Description
The ONLY Book to Read if You Run Nessus Across the Enterprise
Ever since its beginnings in early 1998, the Nessus Project has attracted security researchers from all walks of life. It continues this growth today. It has been adopted as a de facto standard by the security industry, vendor, and practitioner alike, many of whom rely on Nessus as the foundation to their security practices. Now, Nessus project founder Renaud Deraison and a team of leading developers have created the definitive book for the Nessus community.
* Perform a Vulnerability Assessment
Use Nessus to find programming errors that allow intruders to gain unauthorized access.
* Obtain and Install Nessus
Install from source or binary, set up up clients and user accounts, and update your plug-ins.
* Modify the Preferences Tab
Specify the options for Nmap and other complex, configurable components of Nessus.
* Understand Scanner Logic and Determine Actual Risk
Plan your scanning strategy and learn what variables can be changed.
* Prioritize Vulnerabilities
Prioritize and manage critical vulnerabilities, information leaks, and denial of service errors.
* Deal with False Positives
Learn the different types of false positives and the differences between intrusive and nonintrusive tests.
* Get Under the Hood of Nessus
Understand the architecture and design of Nessus and master the Nessus Attack Scripting Language (NASL).
* Scan the Entire Enterprise Network
Plan for enterprise deployment by gauging network bandwith and topology issues.
Your Solutions Membership Gives You Access to:
Comprehensive FAQ page that consolidates all of the key points of this book into an easy to search web page
About the author
Jay Beale is a security specialist focused on host lockdown and security audits. He is the lead developer of the Bastille project, which creates a hardening script for Linux, HP-UX, and Mac OS X; a member of the Honeynet Project; and the Linux technical lead in the Center for Internet Security. A frequent conference speaker and trainer, Jay speaks and trains at the Black Hat and LinuxWorld conferences, among others. He co-authored the Syngress international best-seller Snort 2.0 Intrusion Detection (ISBN: 1-931836-74-4) and serves as the series and technical editor of the Syngress Open Source Security series. HD Moore is one of the founding members of Digital Defense, a security firm that was created in 1999 to provide network risk assessment services. In the last four years, Digital Defense has become one of the leading security service providers for the financial industry, with over 200 clients across 43 states. Noam Rathaus is the co-founder and CTO of Beyond Security, a company specializing in the development of enterprise-wide security assessment technologies, vulnerability assessment-based SOCs (security operation centers) and related products. He has contributed to several security-related open-source projects including an active role in the Nessus security scanner project. Renaud Deraison is the Founder and the primary author of the open-source Nessus vulnerability scanner project. He has worked for SolSoft, and founded his own computing security consulting company, Nessus Consulting. Raven Alder is a Senior Security Engineer for True North Solutions, a consulting firm specializing in network security design and implementation. She specializes in scalable enterprise-level security, with an emphasis on defense in depth. George A. Theall is a frequent contributor to the Nessus mailing lists, is the author of several popular Nessus-related tools and has also contributed rewrites of several of the supplemental scripts and associated documentation in Nessus, to be distributed starting with version 2.2.
