Nessus scanning policies


Nessus is a great tool. However, out of the box it's kind of unclear how to go about scanning. There are over 40.000 plugins to choose from.

Starting with 4.x default install comes with 4 predefined policies which give some kind of idea.


I considered making the policies (.audit files) available but decided not to. They would get out-dated as new plug-ins are released. Instead I'll step through creating them in a series of posts.


We should be aware that new plugins are not autmatically enabled. This means that if you create a policy and enable whole "Windows" family, you will have to go back and enable new plugins as they are released.

There are a number of good youtube clips from Tenable on Nessus.

http://www.youtube.com/user/tenablesecurity/videos?query=nessus


No comments:

Post a Comment