Nessus Spotlight: Scan Template Feature
The release of Nessus 4.2 included some interesting architectural changes as the complete Nessus installation was moved to a server based model. This means that all code, including the web-based client, now resides on the server. This provides the ability to update the Nessus client via a plugin update rather than having to install a new version of a traditional client locally on a workstation or server.
The first feature rolled out in this fashion came down in a plugin update released on April 20, 2010 (client build ID 20100416A and web server build ID 1.2.1 as seen in the "About" screen of the client). With this update, Nessus users could save a scan as a template to be used for multiple scans. If your plugins are automatically updated, the template plugin will already be in your plugin database.
If your plugins are not up to date, you can manually update plugins by using the command line utility on the Nessus server as follows:
(On Linux systems the default installation directory is /opt/nessus/sbin, OS X is /Library/Nessus/run/sbin and Windows is C:\Program Files\Tenable\Nessus\).
Once the scan template has been created you can initiate scans by using the new "Launch" button on the toolbar on the "Scans" tab:
Click the image above for a larger version.
In the screenshot above, you can see there are two templates: one called "DVWA" and another called "Web Application Scan". Simply highlight the scan template you wish to execute and click the "Launch" button. A new scan will be initiated against the targets you specified using the policy selected in the template. If the policy used in the template is updated, your changes will be included in subsequent scans. This update is available to both ProfessionalFeed and HomeFeed users.
Are You Vulnerable to the Latest Exploits?
Enter your email to receive the latest cyber exposure alerts in your inbox.