Affordable Access

Publisher Website

Coding for Nessus-Chapter 9

Authors
Publisher
Elsevier Inc.
Identifiers
DOI: 10.1016/b978-159749997-2/50011-x
Disciplines
  • Mathematics

Abstract

Publisher Summary Nessus is a free, powerful, up-to-date, and easy-to-use remote security scanner that is used to audit networks by assessing the security strengths and weaknesses of each host, scanning for known security vulnerabilities. The chapter explains the way to write and code proper Nessus Attack Scripting Language (NASL) scripts that can be shared with other Nessus users. It also discusses the goals, syntax, and development environment for NASL scripts, porting C/C++ and Perl code to NASL, and porting NASL scripts to other languages. The arithmetic operators depend on the types of parameters passed to them. String operators provide a higher-level string manipulation capability. The logical operators return TRUE or FALSE, which are defined as 1 and 0, respectively, depending on the relationship between the parameters. Bitwise operators are used to compare and manipulate integers and binary data at the single bit level. Writing scripts in NASL to accomplish simple to complex tasks can take anywhere from minutes to hours or days, depending on the amount of research already conducted. The most difficult part of creating a script is determining the attack sequence and the desired responses as vulnerable. NASL is an excellent language for creating security scripts and is by far the most advanced, freely available, assessment-focused language.

There are no comments yet on this publication. Be the first to share your thoughts.