$Id: faq.html,v 1.17 2000/08/04 13:26:41 renaud Exp $

Questions regarding the project :

• What is the Nessus project ?
• Who funds it ?
• Why is it called the Nessus project ?

• How do I enable/disable a compilation option ?
• Which compilation options are available ?
• I get an 'undefined reference to yylex' at link-time !
• I have just installed nessus-libraries, but libnasl will not find it !
• Whenever I try to start nessusd, i'm told : "error in loading shared libraries : libnasl.so.0"
• I do not want to install X11 + GTK to run Nessus, how do I do ?
• I can't compile Nessus under SuSE Linux !

• I can not log in !
• I got a CRC error during the connection !
• I got a spoof alert upon the connection !
• I got an error during a scan : "20104: Reached maximum limits of threads, allready"

• A scan produced no result !
• The plugins window is empty !
• The scans are slow !

• What is a 'plugin' ?
• Where do I get new plugins ?
• Is it risky to update the plugins automatically ?
• What is NASL ?

The 'Nessus' Project was started in early 1998, and first released in April 1998. At this time, the most complete free security scanner was SATAN, which is clearly outdated, and you could see the emergence of several commercial ones, that were clearly too expensive.

The Nessus Security Scanner is not only another security auditing tool. It is a security auditing as I think it should be - never trust the version number, never trust that a given service is listenning on the good port (do all the web servers on earth listen on port 80 ?).

The Nessus Security Scanner is free, open-sourced and wants to be easy to use.

Nobody funds the Nessus project. The authors give their free time to write their part. Jordan Hrycaj gives his free time to write the cipher layer. I give my free time to update the security tests (among other things). Users give their free time to report bugs or suggest enhancements.

No special reason. I needed a name when I started it. Mainly because the names my project and security scanner were too vague and too common.

All the compilation options are passed to the configure script of the nessus-libraries package. If you want to enable the cipher layer, then you should do :

cd nessus-libraries
./configure --enable-cipher

The only working compilation option at this time is the cipher layer.
• configure --enable-cipher[=NN] : will enable the cipher layer. If you add the =NN argument, then you can specify the length of the keys. For instance, --enable-cipher=40 will set the length of the keys to 40 bits.
• configure --enable-pthreads : will enable the pthreads instead of the fork(). This is not recommanded as it shows to be very instable.