Nessus 8.7 User Guide
Total Page:16
File Type:pdf, Size:1020Kb
Nessus 8.7.x User Guide Last Updated: September 24, 2021 Table of Contents Welcome to Nessus 8.7.x 12 Get Started with Nessus 15 Navigate Nessus 17 System Requirements 18 Hardware Requirements 19 Software Requirements 23 Customize SELinux Enforcing Mode Policies 26 Licensing Requirements 27 Deployment Considerations 28 Host-Based Firewalls 29 IPv6 Support 30 Virtual Machines 31 Antivirus Software 32 Security Warnings 33 Certificates and Certificate Authorities 34 Custom SSL Server Certificates 36 Create a New Server Certificate and CA Certificate 38 Upload a Custom Server Certificate and CA Certificate 40 Trust a Custom CA 42 Create SSL Client Certificates for Login 44 Nessus Manager Certificates and Nessus Agent 47 Install Nessus 49 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Download Nessus 50 Install Nessus 52 Install Nessus on Linux 53 Install Nessus on Windows 55 Install Nessus on Mac OS X 57 Install Nessus Agents 59 Retrieve the Linking Key 60 Install a Nessus Agent on Linux 61 Install a Nessus Agent on Windows 65 Install a Nessus Agent on Mac OS X 71 Upgrade Nessus and Nessus Agents 75 Upgrade Nessus 76 Upgrade from Evaluation 77 Upgrade Nessus on Linux 78 Upgrade Nessus on Windows 79 Upgrade Nessus on Mac OS X 80 Upgrade a Nessus Agent 81 Configure Nessus 87 Install Nessus Essentials, Professional, or Manager 88 Link to Tenable.io 90 Link to Industrial Security 92 Link to Nessus Manager 95 Managed by Tenable.sc 97 Manage Activation Code 99 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective View Activation Code 100 Reset Activation Code 101 Update Activation Code 102 Transfer Activation Code 104 Manage Nessus Offline 106 Install Nessus Offline 108 Generate Challenge Code 111 Generate Your License 112 Download and Copy License File (nessus.license) 113 Register Your License with Nessus 114 Download and Copy Plugins 115 Install Plugins Manually 116 Update Nessus Software Manually on an Offline system 118 Offline Update Page Details 120 Remove Nessus and Nessus Agents 121 Remove Nessus 122 Uninstall Nessus on Linux 123 Uninstall Nessus on Windows 125 Uninstall Nessus on Mac OS X 126 Remove Nessus Agent 127 Uninstall a Nessus Agent on Linux 128 Uninstall a Nessus Agent on Windows 130 Uninstall a Nessus Agent on Mac OS X 132 Scans 133 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Scan and Policy Templates 134 Agent Templates 137 Scan and Policy Settings 139 Basic Settings for Scans 141 Scan Targets 147 Basic Settings for Policies 150 Discovery Scan Settings 152 Preconfigured Discovery Scan Settings 162 Assessment Scan Settings 181 Preconfigured Assessment Scan Settings 198 Report Scan Settings 207 Advanced Scan Settings 209 Preconfigured Advanced Scan Settings 214 Credentials 221 Cloud Services 223 Database Credentials 227 Database Credentials Authentication Types 233 Host 247 SNMPv3 248 SSH 250 Windows 265 Miscellaneous 279 Mobile 284 Patch Management 287 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Plaintext Authentication 296 Compliance 301 SCAP Settings 304 Plugins 306 Configure Dynamic Plugins 307 Special Use Templates 309 Unofficial PCI ASV Validation Scan 312 Create and Manage Scans 314 Example: Host Discovery 315 Create a Scan 317 Import a Scan 318 Create an Agent Scan 319 Modify Scan Settings 320 Configure an Audit Trail 321 Delete a Scan 322 Scan Results 323 Create a New Scan from Scan Results 324 Search and Filter Results 326 Compare Scan Results 333 Dashboard 334 Vulnerabilities 336 View Vulnerabilities 337 Modify a Vulnerability 338 Group Vulnerabilities 339 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Snooze a Vulnerability 341 Live Results 343 Enable or Disable Live Results 345 Remove Live Results 346 Scan Exports and Reports 347 Create a Scan Report 348 Export a Scan 351 Customized Reports 352 Customize Report Title and Logo 353 Scan Folders 354 Manage Scan Folders 356 Policies 358 Create a Policy 360 Import a Policy 361 Modify Policy Settings 362 Delete a Policy 363 About Nessus Plugins 364 Create a Limited Plugin Policy 366 Install Plugins Manually 370 Plugin Rules 372 Create a Plugin Rule 373 Modify a Plugin Rule 374 Delete a Plugin Rule 375 Scanners 376 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Link Nessus Scanner 377 Unlink Nessus Scanner 378 Enable or Disable a Scanner 379 Remove a Scanner 380 Download Managed Scanner Logs 381 Agents 383 Modify Agent Settings 385 System-wide Agent Settings 386 Filter Agents 388 Export Agents 390 Download Linked Agent Logs 391 Unlink an Agent 393 Agent Groups 395 Create a New Agent Group 396 Configure User Permissions for an Agent Group 397 Modify an Agent Group 399 Delete an Agent Group 401 Freeze Windows 402 Create a Blackout Window 403 Modify a Blackout Window 404 Delete a Blackout Window 405 Clustering 406 Clustering System Requirements 408 Enable Clustering 410 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Get Linking Key from Parent Node 411 Link a Node 412 Migrate Agents to a Cluster 414 View or Edit a Node 416 Rebalance Nodes 417 Enable or Disable a Node 418 Delete a Node 419 Settings 420 About 421 License Utilization 423 View License Use 424 Update Nessus Software 425 Set an Encryption Password 427 Advanced Settings 428 Create a New Setting 460 Modify a Setting 461 Delete a Setting 462 LDAP Server 463 Configure an LDAP Server 464 Proxy Server 465 Configure a Proxy Server 466 Remote Link 467 SMTP Server 470 Configure an SMTP Server 471 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Custom CA 472 Upgrade Assistant 473 Password Management 474 Configure Password Management 476 Scanner Health 477 Monitor Scanner Health 480 Notifications 481 Acknowledge Notifications 482 View Notifications 483 Accounts 484 My Account 485 Modify Your User Account 486 Generate an API Key 487 Users 488 Create a User Account 489 Modify a User Account 490 Delete a User Account 491 Transfer User Data 492 Download Logs 493 Additional Resources 494 Agent Software Footprint 495 Agent Host System Utilization 496 Amazon Web Services 497 Command Line Operations 498 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Start or Stop Nessus 499 Start or Stop a Nessus Agent 501 Nessus-Service 503 Nessuscli 506 Nessuscli Agent 512 Update Nessus Software 519 Default Data Directories 520 File and Process Whitelist 521 Manage Logs 523 Nessus Credentialed Checks 531 Credentialed Checks on Windows 533 Prerequisites 537 Enable Windows Logins for Local and Remote Audits 538 Configure Nessus for Windows Logins 541 Credentialed Checks on Linux 542 Prerequisites 543 Enable SSH Local Security Checks 544 Configure Nessus for SSH Host-Based Checks 547 Run Nessus as Non-Privileged User 548 Run Nessus on Linux with Systemd as a Non-Privileged User 549 Run Nessus on Linux with init.d Script as a Non-Privileged User 552 Run Nessus on Mac OS X as a Non-Privileged User 555 Run Nessus on FreeBSD as a Non-Privileged User 560 Upgrade Assistant 564 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc.