Tracking Wireless SSIDs Using Nessus

by Paul Asadoorian
January 14, 2013

Nessus has plugins that can pull out the current or previously used wireless service set identifiers (WiFi SSIDs) that Windows and OS X systems have connected to. The following plugins are used: Mac OS X Wireless Networks List (63340), a new plugin that reports a history of wireless networks used by the target system, and Windows Wireless SSID (WMI) (25197), which uses WMI to report the wireless network the target host is currently using.

Detecting Compromised SSL Certificates Using Nessus

by Paul Asadoorian
December 13, 2012

When Thieves Target SSL Certificates

SSL is one of the most commonly used protocols to provide encryption for a variety of different applications. As such, it has come under great scrutiny over the years. While SSL misconfiguration is commonplace, one of the more recent attacks against SSL is to steal the Certificate Authority (CA) certificate. (In a paper released in July 2012, NIST warned that this type of attack would increase.) Access to this certificate allows the attacker to issue valid certificates and, in the case of a code-signing certificate, use it to sign malware. Malware executing with this level of trust has a greater chance of being successfully installed on the system. Other CA certificates are used to generate website certificates used by attackers to impersonate secure access to a given website.

Configuration Auditing Cisco Nexus Operating System (NX-OS) with Nessus

by Paul Asadoorian
December 10, 2012

Recently, Tenable added audit files for Nessus ProfessionalFeed users allowing them to audit device configurations based on Cisco Nexus Operating System (NX-OS). Cisco NX-OS runs on high-end Nexus switches, MDS storage switches, and Cisco UCS networking. This audit follows most of the recommendations that are included in the Cisco Guide to Securing Cisco NX-OS Software Devices. This blog entry discusses some of the Nessus functionality that was used in creating the audit file.

Nessus VMware vCenter Patch Auditing Now Available

by Paul Asadoorian
November 30, 2012

Nessus supports vCenter integration, enabling patch checking for enterprise virtualization environments.

Recently, new plugins for Nessus were released which add support for VMware's vCenter product. Nessus users can now enter credentials for vCenter servers, allowing Nessus to perform patch audits against all of the ESXi servers being managed by vCenter. Configuring the scan simply requires a Nessus policy to be created with the appropriate credentials:

Nessus HTML5 Interface is Generally Available!

by Paul Asadoorian
November 20, 2012

Thank you for providing feedback on the Nessus HTML5 beta interface. The beta feedback period is now closed, and the Nessus HTML5 interface is generally available (GA) to Nessus ProfessionalFeed and Nessus Perimeter Service customers, as well as Nessus HomeFeed users. To access the Nessus HTML5 interface, visit https://nessusserver:8834/html5.html (replace “nessusserver” with the IP/hostname of your Nessus server).

New Nessus Compliance Checks Available for Check Point GAiA

by Paul Asadoorian
November 12, 2012

Keeping Your Firewalls in Check

Ensuring that your network infrastructure, in particular your routers and firewalls, is secure and maintains its integrity is critical to successfully defending your network. If an attacker were to gain control of these types of systems, they could potentially impact the security of your network as a whole. For example, an attacker with access to your firewall could read the firewall rules and use the information to selectively attack open services and create backdoors that would slip through your firewall.

Using SSL to Secure Your Vulnerability Data

by Paul Asadoorian
November 6, 2012

The Benefits of Proper SSL Configuration

Protecting your vulnerability data from unauthorized users, whether the threat comes from external attackers or malicious insiders, is an important part of a vulnerability management program. Nessus allows users to configure SSL to provide both privacy and authentication. SSL can be configured locally or integrated into your own PKI infrastructure, allowing Nessus to be compliant with in-house security policies and standards.

Nessus Scanning Windows 8 Hosts

by Paul Asadoorian
October 30, 2012


The new Windows 8 interface provides a very different user experience than past Microsoft operating systems. Nessus can enumerate and detect vulnerabilities on Windows 8 hosts.

Recently, Microsoft made several announcements surrounding new technology, including a new operating system (Windows 8) and a new tablet platform called "Surface." Windows 8 will present a new interface and several new changes under the hood. There is an offshoot of the new platform called Windows RT, a small, fast, and lightweight version designed to run on ARM-based tablets. In fact, this is much of the reason behind the concept of Windows 8 -- it’s meant to run on tablets and touch screens. Windows Phone 8 is the new OS for Windows-based phones, such as those from Nokia.