Nessus 8.4.X User Guide
Total Page:16
File Type:pdf, Size:1020Kb
Nessus 8.4.x User Guide Last Updated: September 24, 2021 Table of Contents Welcome to Nessus 8.4.x 12 Get Started with Nessus 15 Navigate Nessus 16 System Requirements 17 Hardware Requirements 18 Software Requirements 22 Customize SELinux Enforcing Mode Policies 25 Licensing Requirements 26 Deployment Considerations 27 Host-Based Firewalls 28 IPv6 Support 29 Virtual Machines 30 Antivirus Software 31 Security Warnings 32 Certificates and Certificate Authorities 33 Custom SSL Server Certificates 35 Create a New Server Certificate and CA Certificate 37 Upload a Custom Server Certificate and CA Certificate 39 Trust a Custom CA 41 Create SSL Client Certificates for Login 43 Nessus Manager Certificates and Nessus Agent 46 Remove Nessus and Nessus Agents 48 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Remove Nessus 49 Uninstall Nessus on Linux 50 Uninstall Nessus on Windows 52 Uninstall Nessus on Mac OS X 53 Remove Nessus Agent 54 Uninstall a Nessus Agent on Linux 55 Uninstall a Nessus Agent on Windows 57 Uninstall a Nessus Agent on Mac OS X 59 Install Nessus 60 Download Nessus 61 Install Nessus 63 Install Nessus on Linux 64 Install Nessus on Windows 66 Install Nessus on Mac OS X 68 Install Nessus Agents 70 Retrieve the Linking Key 71 Install a Nessus Agent on Linux 72 Install a Nessus Agent on Windows 76 Install a Nessus Agent on Mac OS X 82 Upgrade Nessus and Nessus Agents 86 Upgrade Nessus 87 Upgrade from Evaluation 88 Upgrade Nessus on Linux 89 Upgrade Nessus on Windows 90 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Upgrade Nessus on Mac OS X 91 Upgrade a Nessus Agent 92 Configure Nessus 98 Install Nessus Essentials, Professional, or Manager 99 Link to Tenable.io 100 Link to Industrial Security 101 Link to Nessus Manager 102 Managed by Tenable.sc 104 Manage Activation Code 105 View Activation Code 106 Reset Activation Code 107 Update Activation Code 108 Transfer Activation Code 110 Manage Nessus Offline 112 Install Nessus Offline 114 Generate Challenge Code 117 Generate Your License 118 Download and Copy License File (nessus.license) 119 Register Your License with Nessus 120 Download and Copy Plugins 121 Install Plugins Manually 122 Update Nessus Software Manually on an Offline system 124 Offline Update Page Details 126 Scans 127 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Scan and Policy Templates 128 Agent Templates 131 Scan and Policy Settings 133 Basic Settings for Scans 135 Basic Settings for Policies 141 Discovery Scan Settings 143 Preconfigured Discovery Scan Settings 153 Assessment Scan Settings 172 Preconfigured Assessment Scan Settings 188 Report Scan Settings 197 Advanced Scan Settings 199 Preconfigured Advanced Scan Settings 204 Credentials 211 Cloud Services 213 Database Credentials 217 Database Credentials Authentication Types 223 Host 236 SNMPv3 237 SSH 239 Windows 253 Miscellaneous 267 Mobile 272 Patch Management 275 Plaintext Authentication 284 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Compliance 289 SCAP Settings 292 Plugins 294 Configure Dynamic Plugins 295 Special Use Templates 297 Unofficial PCI ASV Validation Scan 300 Create and Manage Scans 302 Example: Host Discovery 303 Create a Scan 305 Import a Scan 306 Create an Agent Scan 307 Modify Scan Settings 308 Configure an Audit Trail 309 Delete a Scan 310 Scan Results 311 Search and Filter Results 312 Dashboard 319 Vulnerabilities 321 View Vulnerabilities 322 Modify a Vulnerability 323 Group Vulnerabilities 324 Snooze a Vulnerability 326 Live Results 328 Enable or Disable Live Results 330 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Remove Live Results 331 Compare Scan Results 332 Export a Scan Report 333 Scan Exports and Reports 335 Scan Folders 336 Manage Scan Folders 338 Policies 340 Create a Policy 342 Import a Policy 343 Modify Policy Settings 344 Delete a Policy 345 About Nessus Plugins 346 Create a Limited Plugin Policy 348 Install Plugins Manually 352 Plugin Rules 354 Create a Plugin Rule 355 Modify a Plugin Rule 356 Delete a Plugin Rule 357 Customized Reports 358 Customize Report Title and Logo 359 Scanners 360 Link Nessus Scanner 361 Unlink Nessus Scanner 362 Enable or Disable a Scanner 363 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Remove a Scanner 364 Download Managed Scanner Logs 365 Agents 367 Modify Agent Settings 369 Filter Agents 370 Export Agents 372 Download Linked Agent Logs 373 Unlink an Agent 375 Agent Groups 377 Create a New Agent Group 378 Configure User Permissions for an Agent Group 379 Modify an Agent Group 381 Delete an Agent Group 383 Freeze Windows 384 Create a Blackout Window 385 Modify a Blackout Window 386 Delete a Blackout Window 387 Settings 388 About 389 Advanced Settings 391 LDAP Server 418 Configure an LDAP Server 419 Proxy Server 420 Configure a Proxy Server 421 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Remote Link 422 SMTP Server 425 Configure an SMTP Server 426 Custom CA 427 Upgrade Assistant 428 Password Management 429 Configure Password Management 431 Scanner Health 432 Monitor Scanner Health 435 My Account 436 Users 437 System-wide Agent Settings 438 Accounts 440 Modify Your User Account 441 Generate an API Key 442 Create a User Account 443 Modify a User Account 444 Delete a User Account 445 Set an Encryption Password 446 Update Nessus Software 447 Create a New Setting 449 Modify a Setting 450 Delete a Setting 451 Download Logs 452 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Additional Resources 453 Agent Software Footprint 454 Agent Host System Utilization 455 Amazon Web Services 456 Command Line Operations 457 Start or Stop Nessus 458 Start or Stop a Nessus Agent 460 Nessus-Service 462 Nessuscli 465 Nessuscli Agent 471 Update Nessus Software 478 Default Data Directories 479 Manage Logs 480 Nessus Credentialed Checks 488 Credentialed Checks on Windows 490 Prerequisites 494 Enable Windows Logins for Local and Remote Audits 495 Configure Nessus for Windows Logins 498 Credentialed Checks on Linux 499 Prerequisites 500 Enable SSH Local Security Checks 501 Configure Nessus for SSH Host-Based Checks 504 Run Nessus as Non-Privileged User 505 Run Nessus on Linux with Systemd as a Non-Privileged User 506 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Run Nessus on Linux with init.d Script as a Non-Privileged User 509 Run Nessus on Mac OS X as a Non-Privileged User 512 Run Nessus on FreeBSD as a Non-Privileged User 517 Scan Targets 521 Upgrade Assistant 524 Copyright