From: Brian Smith-Sweeney (bsmithsweeney@nyu.edu)
Date: Tue Dec 13 2005 - 15:25:56 EST
Just installed it this morning without the pay feed. Scans were run
against the known open ports on an Oracle server I then scanned with an
older (2.2.5) version of nessus, with all plugins enabled and "optimize
the test", "safe checks", and "consider unscanned ports as closed"
disabled. Port list was default. Note that the older version of nessus
*did* have access to the direct feed, hence (I assume) the discrepancy
in plugin numbers.
This isn't a dedicated host, but the other processes were fairly
consistent through both tests. Given this setup I don't know if one
would consider these "hard" numbers, but I'll provide them since I was
doing this for myself anyway. I ran the tests twice each, but only
posted the results from one set since they were very similar.
Host information
================
SunFire V60x Server
Red Hat Enterprise Linux AS release 3 (Taroon Update 6)
Linux 2.4.21-20.ELsmp #1 SMP Wed Aug 18 20:46:40 EDT 2004 i686 i686 i386
GNU/Linux
4 x Intel(R) Xeon(TM) CPU 2.80GHz
MemTotal: 4099448 kB
10kRPM Ultra 320 SCSI drives
sample loadavg before scans: 0.01 0.11 0.09 1/117 8885
sample vmstat without scans:
procs memory swap io system
cpu
r b swpd free buff cache si so bi bo in cs us sy
id wa
0 0 7092 55296 166556 3442644 0 0 1 0 0 0 0
0 0 0
0 0 7092 55296 166556 3442644 0 0 0 0 123 213 0
0 100 0
0 0 7092 55296 166556 3442644 0 0 0 0 116 186 0
0 100 0
Nessus 2.2.5 (~9862 tests run)
=============================
start: [Tue Dec 13 13:34:52 2005][17406] : testing <target> [17409]
finish: [Tue Dec 13 13:46:26 2005][17409] Finished testing <target>.
Time : 694.30 secs
biggest load spike (/proc/loadavg): 1.35 0.55 0.29 3/120 26803
associated vmstat output:
procs memory swap io system
cpu
r b swpd free buff cache si so bi bo in cs us sy
id wa
2 0 7092 28536 166316 3405004 0 0 1 0 0 1 0
0 0 0
2 0 7092 29108 166316 3402688 0 0 0 604 153 1434 17
31 47 5
1 0 7092 27712 166316 3402456 0 0 0 0 151 1598 13
34 53 0
near most common load (eyeball estimate): 0.20 0.39 0.26 1/117 27468
associated vmstat output:
procs memory swap io system
cpu
r b swpd free buff cache si so bi bo in cs us sy
id wa
0 0 7092 37880 166324 3401264 0 0 1 0 0 1 0
0 0 0
0 0 7092 37876 166324 3401264 0 0 0 212 122 597 0
0 96 4
0 0 7092 37872 166324 3401264 0 0 0 0 113 576 0
0 99 0
Nessus 3.0.0 (~9674 tests run)
=============================
start: [Tue Dec 13 13:57:20 2005][28012] : testing <target> [28014]
finish: [Tue Dec 13 14:10:33 2005][28014] Finished testing <target>.
Time : 793.23 secs
biggest load spike: 0.35 0.23 0.18 1/122 28587
associated vmstat output:
procs memory swap io system
cpu
r b swpd free buff cache si so bi bo in cs us sy
id wa
0 0 7092 25268 166508 3446940 0 0 1 0 0 1 0
0 0 0
0 0 7092 25252 166508 3446940 0 0 0 0 113 391 0
0 100 0
0 0 7092 25252 166508 3446940 0 0 0 0 110 410 0
0 100 0
near most common load (eyeball estimate): 0.25 0.22 0.18 1/121 28599
procs memory swap io system
cpu
r b swpd free buff cache si so bi bo in cs us sy
id wa
0 0 7092 35768 166508 3446940 0 0 1 0 0 1 0
0 0 0
0 0 7092 35768 166508 3446940 0 0 0 0 145 270 0
0 100 0
0 0 7092 35768 166508 3446940 0 0 0 0 139 255 0
0 100 0
Other notes:
=============
* The client is *very* different. Seems more task/project/workflow
influenced. It'll take some getting used to and I will reserve judgment.
* Server startup is faster with new version (12.9 seconds vs 1.4).
* Login via GUI is both faster and more verbose with new version (40
seconds vs 5)
All in all I'm pleased with the new version. If anyone wants more
background data let me know.
Cheers,
Brian
Erin Carroll wrote:
> Tenable released Nessus 3.0 yesterday. More information at
> http://www.tenablesecurity.com/news/pr37.shtml
>
> New licensing debates aside, has anyone yet had a chance to test this new
> version out? As a long-time user of Nessus, I'm curious just how improved
> the performance is, especially on server-side resource utilization.
>
> Has anyone had a chance to run comparison tests between the old and new
> versions yet? Renaud, I know you and some others from Tenable lurk on this
> list. Any comments or hard numbers you could provide on the performance
> differences (or other areas of improvement like reporting) would be very
> welcome.
>
> -Erin Carroll
> Moderator
> SecurityFocus pen-test list
>
>
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:15 EDT