Questions tagged [nessus]

Nessus is a vulnerability scanning program. Its goal is to detect potential vulnerabilities on the tested systems.

Nessus works by performing a port scan with one of its four internal portscanners (or it can optionally use Amap or Nmap) to determine which ports are open on the target and then tries various exploits on the open ports. The vulnerability tests, available as subscriptions, are written in NASL (Nessus Attack Scripting Language), a scripting language optimized for custom network interaction.

21 questions
4
votes
3 answers

how to set permissions on a service

A Nessus plugin 44676 audit scan revealed this issue: "SMB Insecurely Configured Service" Description At least one insecurely configured Windows service was detected on the remote host. Unprivileged users can modify the properties of these affected…
Roman
  • 386
  • 5
  • 16
4
votes
2 answers

How should privileged accounts be secured in both Linux and Windows?

I have recently started work in application security at a mid-sized firm, having transitioned away from 5+ years in security consulting (pentesting, etc). One of the biggest challenges I see here from the start is that security scanners and other…
appsecguy
  • 209
  • 2
  • 4
3
votes
2 answers

Painfully slow Nessus initialization

I have Nessus 5 installed under Kali. Whenever I start Nessus (i.e. nessusd), then it takes like half an hour to initialize. Is there anything one can do to speed up this process?
countermode
  • 375
  • 1
  • 4
  • 14
2
votes
1 answer

NetBIOS Name Service requests not being sent or answered

I have serious inconsistency on my systems of whether NetBIOS name service requests are working on endpoints. I'm testing with Win7 and Server 2008R2 systems. We do not have a WINS server and don't want to have one, but I'm most interested in the…
S'pht'Kr
  • 121
  • 4
2
votes
2 answers

Using Credentials with network scanners

I'm testing out both Tenable's Nessus scanner as well as eEye's Retina for scanning network devices. I am trying to supply credentials to get deeper, more accurate results, however there seems to be no difference in the results whether I supply the…
grossmae
  • 121
  • 1
  • 2
1
vote
1 answer

HP iLO 4 & OpenSSL 'ChangeCipherSpec' MiTM Vulnerability

The Nessus scanner is flagging 'High risk with sig 74326' after the latest rule updates to all HP iLO cards. This is specifically about the OpenSSL 'ChangeCipherSpec' MiTM Vulnerability. It appears the latest HP iLO 4 firmware does not address this…
pablo808
  • 113
  • 6
1
vote
2 answers

How to scan printers on Nessus?

When I try to scan a printer with Nessus 4.4.1 I got the following message: Do not scan printers The remote host appears to be a fragile device and will not be scanned. How can I enable printers scanning?
vs06
  • 123
  • 1
  • 2
  • 8
1
vote
2 answers

How to fix "TCP/IP Sequence Prediction Blind Reset Spoofing DoS"

Just finished a Nessus scan and the only thing that came back was "TCP/IP Sequence Prediction Blind Reset Spoofing DoS" - It may be possible to send spoofed RST packets to the remote system. Description: The remote host might be affected by a…
Kladskull
  • 1,265
  • 5
  • 15
  • 32
1
vote
1 answer

PCI scan failure for SSL Certificate with Wrong Hostname?

A client had a PCI scan completed by SecurityMetrics, and it now says they failed due to the SSL certificate for the SMTP port 25 (and POP3s/IMAPS) not matching the domain scanned. Specifically: Description: SSL Certificate with Wrong Hostname…
Rob Mangiafico
  • 151
  • 1
  • 1
  • 6
1
vote
1 answer

openVAS scan against new instance fails test (possible false positive) How to debug plug-in

I have openVAS installed from the atomic corp YUM repo, and it all seems to be functioning wonderfully, however I am seeing a single "Security Hole" which is that OpenVAS detects that "arora" is installed on the system, (which it is not) I am…
Tom
  • 10,886
  • 5
  • 39
  • 62
1
vote
0 answers

How to do a compliance scan on VMWare using Nessus on site

I have nessus professional 8.14.0 installed on a server, which is attached to the network, 3 esxi 6.7 hosts and 1 vcenter servers. Nessus Server (192.168.1.21) vCenter Server (192.168.1.9) ESXi Host 1 (192.168.1.10) ESXi Host 2 (192.168.1.11) ESXi…
James Connigan
  • 137
  • 2
  • 12
0
votes
0 answers

Tenable Nessus and SecurityCenter installation/configuration issues

I've installed Nessus and SecurityCenter on a RedHat 7.5 instance by following the user guide from Tenable. I'm able to get to the Nessus interface which is served on port 8834, create the admin login, and choose "SecurityCenter Manged" but I…
0
votes
2 answers

SSL Self-Signed Certificate Vulnerability Keeps Returning

So, I've been dealing with a recurring problem with my workstations self-generating certificates. They're appearing in the "Personal" certificate store. Even after I manually delete them from the machines, they inevitably keep returning. We do not…
0
votes
1 answer

MS14-066 Vulnerability (Windows Server 2012 R2) Nessus Scan

I've been relentlessly looking for the correct update for the MS14-066 critical (Vulnerability in Schannel) update and every time I download a different patch/version to the server, it says "it's not applicable with this computer." I have…
C Hill
  • 1
0
votes
2 answers

Nessus Security Vulnerability Fix: SSL Version 2 (v2) Protocol Detection

Below, in quotes, is a medium severity issue discovered after scanning an IIS web server, with a tool called Nessus. "Consult the application's documentation to disable SSL 2.0 and use SSL 3.0, TLS 1.0, or higher instead" I found this article, but…
MacGyver
  • 1,864
  • 7
  • 37
  • 50