On Thu, Jul 17, 2003 at 05:11:56PM -0500, EnergyLad wrote: > > And this may sound like a stupid question, it certainly feels like one, > but is Nessus distributed with nmap embedded within it? I ask only because > I don't seem to have nmap on my system, but nessus does appear to do a > full port scan of the specified range (default 1-15000) as well as provide > an OS fingerprint.
Yes, Nessus has embedded an ancient, broken version of Nmap from more than 1 year ago :(. You should not expect reliable results from that. The Nessus download page used to recommend downloading a modern version of Nmap for more accuracy and speed, but that link has been removed. I tried to convince Renaud to put it back, but was unsuccessful. Oh well. At least for now, I believe Nessus still works with Nmap if you already have it installed. You can also run Nmap directly and then import the results. The latter technique may be faster because Nmap can scan the hosts in parallel, while Nessus executes a separate instance of Nmap for each machine. I am not trying to bash Nessus at all here. I hightly recommend it as the best free vulnerability scanner around. I am just pointing out that the Nmap integration is substandard (to say the least). Perhaps that will change someday. I feel the most desirable improvements would be to pass multiple IPs to each Nmap instance, and to interpret the Nmap XML output instead of the human-readable or "grepable" formats. The XML output is designed for this and almost never changes in incompatible ways. Cheers, Fyodor http://www.insecure.org/
