The Clean Access network scanner uses Nessus plugins to check for security vulnerabilities. With Clean
Access, you can define automatic, immediate responses to scan results. For example, if a vulnerability
is found, you can have the user notified, blocked from the network, or assigned to a quarantine role.

Nessus (

http://www.nessus.org

), an open source project for security-related software, provides plugins

designed to test for specific vulnerabilities on a network. In addition to plugins for remotely detecting
the presence of particular worms, plugins exist for detecting peer-to-peer software activity or web
servers. The following description defines Nessus plugins:

Nessus plugins are very much like virus signatures in a common virus scanner application. Each
plugin is written to test for a specific vulnerability. These can be written to actually exploit the
vulnerability or just test for known vulnerable software versions. Plugins can be written in most any
language but usually are written in the Nessus Attack Scripting Language (NASL). NASL is Nessus'
own language, specifically designed for vulnerability test writing. Each plugin is written to test for
a specific known vulnerability and/or industry best practices. NASL plugins typically test by
sending very specific code to the target and comparing the results against stored vulnerable values.

Anderson, Harry. “Introduction to Nessus” October 28, 2003

http:/www.securityfocus.com/infocus/1741 (10/29/04).