• Ports to be opened on firewall to do the scan

    Dear Team,   hope this message can be seen by you. I am trying to know which ports should be opened on the firewall if I want to do the scan through it ?   Regards,

    Hi, I have installed server with windows server r2012 in an internal network(no internet access). I have run Nessus for the first time successfully and i move on one the recommendations of the report. After updating ...
    last modified by alexgeo09
  • automate a failed scan... security center

    anyone know of a way to have a scan kick off again if it detects 21745 value, or 19506 = no, or if not scanned in x amount of days to kick off....? i am thinking something along the line of a dependency scan, or disc...
    last modified by snap326
  • best report template for Army ACAS default scan policy .xml?

    hey folks - We have downloaded the Army Default Scanning Policy v5.1.xml file from the ACAS Scanning Guidane section of the NETCOM IAVM Program Information Sharepoint site. The page says that: "This policy file con...
    last modified by s4xarch
  • Tenable Nessus-Scans on Domain controllers

    Hello, I have problems with scanning on domain controllers.   We have several domain controllers, some Windows 2008, some Windows 2008 R2. On all other Windows servers, Nessus uses an account with administrativ...
    last modified by claudiab
  • IPS/IDS PCI profile

    Hello folks, Has anyone ever worked/used/designed a PCI profile for a Intrusion prevention/detection system ?   One of my client requested to come up with an IPS profile tailored for PCI, which they can deploy. ...
    created by ramware
  • Tenable.io syslog forwarding to Sumologic

    Is it possible to setup tenable.io events forwarding via syslog to Sumologic (https://help.sumologic.com/Beta/Beta_-_Sources/Beta_-_Cloud_Syslog_Source) or allow Sumologic events collection via API?
    created by alshch
  • LCE Refresh Sensor Names

    Does anyone know if there's a way to have LCE totally refresh the sensor names?  I have some sensor names that are not accurate and need to be recalculated.  Thanks!
    last modified by jac
  • Plugin discrepancy between Nessus Active scanner and SecurityCenter

    Hi All,   I'm having an issue with viewing a vulnerability in SecurityCenter.  I have a vulnerability (plugin ID 97142) showing as "NO NAME" in SecurityCenter, but the plugin output section displays proper ...
    last modified by chortond
  • Sudden false positives for Plugin 23910 (Host file check in backdoors family)

      Starting last week (Feb 1st), SecurityCenter suddenly alerted on a bunch (29 initially) hosts for Plugin 23910, indicating a possible IOC by virtue of modifying the hosts file.  However upon close inspecti...
    last modified by CleverBoy
  • LCE Client policies and Registry Keys

    This is just a question out of curiosity. Has anyone tried to monitor Registry Key changes using the LCE Client?
    last modified by jorge.gallardo@usdoj.gov
  • I want a .audit file that will be used to check the "Turn off crash detection policy needs to be enabled"

    # (C) 2015-2016 Tenable Network Security, Inc. # # This script is released under the Tenable Subscription License and # may not be used from within scripts released under another license # without authorization from T...
    last modified by pratikkayastha
  • Nessus install in Kali Linux

    Having trouble getting Nessus to install in Kali Linux. I am using a VM set up with 4 gigs of ram and 30gb of drive space so I believe I have enough system resources to handle the install. The Nessus program recycles ...
    last modified by amjack59
  • Nessus How to install Kali linux(Video)TR

    Hello everybody...   I captured to 6 month nessus ınstall vıdeo...But language turkish..Sorry   Maybe new video captured  english language..     https://youtu.be/FQlKqCPQrCY
    created by jackrourke
  • Troubleshooting ldap connectivity - "LDAP settings are invalid"

    Hi all,   I am working to setup security center 5 and am trying to integrate it with our active directory setup. I have made this work on two other networks but am having trouble on another using very similar se...
    created by satcomninja
  • http redirect to https for SC

    I am trying to redirect http request for the SC page to https. I believe I need to edit  /opt/sc/support/conf/vhost.conf but I am not sure. Can someone tell me where to make this change?
    last modified by donniewu
  • Fixing SMBv1 RCE (96982 & 97086)

    For anyone with Windows hosts, you'll see (at least) two new plugins this week:   96982 - Server Message Block (SMB) Protocol Version 1 Unspecified RCE (uncredentialed check) 97086 - Server Message Block (SMB) ...
    last modified by saltedsecurity
  • Vulnerability is "Stuck" in SecurityCenter

    Forgive me if this is addressed elsewhere. I am curious if anyone else has run into this issue. I cannot seem to understand this so I am hoping someone may be able to provide some advice from their experiences.  ...
    last modified by erich_n
  • Plugin 77910 only detects half my Exchange servers

    We noticed plugin 77910 and started to use it in a dynamic asset list in SC 4.82.  We found that it correctly detects our Mailbox and ClientAccess server, but doesn't find our Hub or Edge server.  Recently, ...
    last modified by imaginos
  • Privilege Escalation for 'nix when using SSH Key Pairs

    All of our 'nix systems use SSH key pairs for ACAS to make scans. While the folks running the scans do have Privilege Escalation set to 'sudo', there are no entries for username and password. The issue is that we get ...
    last modified by syberwizard