New Nessus Scan Policy Templates Added in the Plugin Feed

by Paul Asadoorian
April 7, 2011

We are pleased to announce that four new Nessus policy templates will be distributed to Nessus ProfessionalFeed and HomeFeed users via the Nessus plugins feed. This is the first time we've used "push" functionality to send down scan policy templates.


The four new Nessus scan policy templates will appear in the "Policies" tab once your Nessus installation has updated the plugins:

  • External Network Scan - This policy is tuned to scan externally facing hosts, which typically present fewer services to the network. The plugins associated with known web application vulnerabilities (the CGI Abuses and CGI Abuses: XSS plugin families) are enabled in this policy. Also, all 65,535 ports are scanned on each target.
  • Internal Network Scan - This policy is tuned for better performance, taking into account that it may be used to scan large internal networks with many hosts, several exposed services, and embedded systems such as printers. The "CGI Abuse" plugins are not enabled, and a standard set of ports is scanned rather than all 65,535.
  • Web App Tests - If you want to scan your systems and have Nessus detect both known and unknown vulnerabilities in your web applications, this is the scan policy for you. The fuzzing capabilities in Nessus are enabled in this policy, which will cause Nessus to spider all discovered web sites and then look for vulnerabilities in each of the parameters, including XSS, SQL injection, command injection and several more.
  • Prepare for PCI DSS audits - This policy enables the built-in PCI DSS compliance checks, which compare scan results with the PCI standards and produce a report on your compliance posture. It is very important to note that a successful compliance scan does not guarantee compliance or a secure infrastructure. Organizations preparing for a PCI DSS assessment can use this policy to prepare their network and systems for PCI DSS compliance.

It's important to note that if you modify any of the policy templates, your changes will not be overwritten. Also, you can prevent new policy templates from being pushed by adding the line "xmlrpc_import_feed_policies = no" to the nessusd.conf file.

These new policies will allow you to take advantage of the new and more advanced features being added into the Nessus vulnerability scanner. Use the new policy templates in your regular scanning and feel free to ask questions or provide us with feedback on the Tenable Discussions Forum.