Nessus Activation Code

[Efraine Ton]

Anyonefamiliar with this exit code of -1073741502. I am seeing this exit code fire for a number of endpoints in my environment. My action script entails starting services, and making a few registry changes. The ActionScript completed successfully on most systems. However, there are a handful of systems where I get back this weird exit code. Any ideas?

@dj0321, need more information. What OS was targeted (i.e. Windows, Mac, *NIX)? What command was executed via Action Script that returned this exit code? Have you checked with the OS and software vendors about this specific exit code?

So it appears that one of the commands from the wizardedit.reg is causing this error. Can you confirm that this REG file executes as expected when run locally by a local Admin? Have you tried enabling BESClient Debug Logging at 10000 and rerunning this fixlet/task to collect additional debug details?

The Registry Wizard generated that for me and I took it and added it to my action script. It works fine on other machines, but then I have machines firing back this exit code. Makes no sense. I will enable the debug logging. If anyone has another way I should write my action, please let me know. @cmcannady @JasonWalker

When this batch runs, it should create a c:\reset-nessus.log file containing both the command output and any error messages. You should be able to check that log and see if there were any error messages presented.

Unless somebody knows a way to set the timeout to something like 86400 seconds, I would like to use the API Access/Secret Key that I generate. The only problem I have is that I cannot find an example of how to list this with some bit of perl script using the Net::Nessus::REST module. Could somebody help me with the bit API Key of code that I could swap in for the create_session example above?

API KeysThese keys are generated per account through Nessus.session: keys or Nessus.users: keys and can be used to authenticate without creating a session.Add them to your request using the following HTTP header:

You should be able to log into Nessus with your old username and passwords If you get a corrupt global.db error. Stop the nessusd service, and re-copy global.db from your backup. Start Nessusd and it should be back to normal.

Hi Ro,

Glad to see that support was able to assist. Should this ever happen again (or if you experience any other issues), we always recommend contacting our support as they will always have the correct procedures and best practices to share. The fastest way to get a solution will be to log into support.tenable.com and begin a chat session. Also, if you need additional support, please feel free to tag or PM me!

NESSUS was initially developed by SwRI for NASA to perform probabilistic analysis of space shuttle main engine components. SwRI continues to develop and apply NESSUS to a diverse range of problems including aerospace structures, automotive structures, biomechanics, gas turbine engines, geomechanics, nuclear waste packaging, offshore structures, pipelines, and rotordynamics. To accomplish this, the codes have been interfaced with many well-known third-party and commercial deterministic analysis programs.

Scan code before production deployment with Tenable Cloud Security CI/CD workflow integrations. Scan IaC, including Terraform and CloudFormation, to gain preventive context and risk prioritization. Developers can then quickly evaluate critical security alerts against industry standard benchmarks or custom policies and correct as needed.

Achieve and maintain compliance with non-disruptive agentless scanning, with less overhead and set-up that takes just minutes. Continuously scan infrastructure as code (IaC) against industry regulations and benchmarks, such as:

The Nessus Attack Scripting Language, usually referred to as NASL, is a scripting language that is used by vulnerability scanners like Nessus and OpenVAS. With NASL specific attacks can be automated, based on known vulnerabilities.

Tens of thousands of plugins have been written in NASL for Nessus and OpenVAS.[1] Files that are written in this language usually get the file extension .nasl. For the exploitation of a zero day attack it is possible for an end user of Nessus or OpenVAS to write custom code in NASL which is executed by these vulnerability scanners.

In earlier versions of Nessus, a binary called nasl or nasl.exe was provided that could interpret NASL code to perform vulnerability scans. In later versions of Nessus, this should be done via an API that is provided by this software.

If the plugin, in this example myzeroday.nasl, is placed in the same directory where other NASL plugins are located, it can also be included in standard scans by Nessus or OpenVAS, via the Web GUI or an API.

Many of the specifications of the formal language are similar to those of the programming language C and the scripting language Perl and those of other languages. Control flow such as the for loop, the if and if-else statements are part of the language and comments are preceded by a hash.

Yeah I have had many problems with Nessus and you hit the nail on the head. Mount the DMG and find the hidden package and use that instead. I have opened up cases with them about this and also told them that their scripts in their package are no longer supported in flat packages.

when packaging nessus, we need to extract the hidden .NessusAgent.pck file, and import that to composer, then edit the 'postinstall' script that is already there? looks there is already a script when I import it, this is what it contains:

Looks like the only reason they wrap it is for the license, logo, and readme . I stumbled upon the hidden .pkg in their install guide (but should have checked here first). I shouldn't have to do that. Software is supposed to be self-explanatory.

2 years later and this fix still holds true! I was able to unhide the real .NessusAgent.pkg and remove the . from it to unhide, uploaded it into Jamf Pro and successfully rolled out the agent after. Thanks @arekdreyer.

Jamf's purpose is to simplify work by helping organizations manage and secure an Apple experience that end users love and organizations trust. Jamf is the only company in the world that provides a complete management and security solution for an Apple-first environment that is enterprise secure, consumer simple and protects personal privacy. Learn about Jamf.

This site contains User Content submitted by Jamf Nation community members. Jamf does not review User Content submitted by members or other third parties before it is posted. All content on Jamf Nation is for informational purposes only. Information and posts may be out of date when you view them. Jamf is not responsible for, nor assumes any liability for any User Content or other third-party content appearing on Jamf Nation.

If you suspect that you ran the linking command from the wrong directory, then you'll need to run it again. This time, make sure that you're either in the folder where nessuscli is installed, or add the path to the command.

The agent hasn't installed

It is possible that your original install command contained errors (wrong filename, wrong path, name / NESSUS_NAME etc) so we would recommend going back and trying the installation process again.

Your system cannot reach out to tenable

You need to check that you are connected to the internet and that the agent can reach out to cloud.tenable.com on port 443. (This is the only relevant firewall rule). When you are certain that the system is connected to the internet, try running the command again. If it still says "not linked to a manager" then you will need to try the installation process again.

An internet proxy/filter is getting in the way

The agent cannot connect to the manager, this could be due to internal network controls such as an outbound proxy. If your environment has these types of controls, please refer to documentation here, and use the proxy parameters on install to ensure the agent connects to the manager via the proxy.

Nessus is defined as a vulnerability scanner originally designed as a free tool by Renaud Deraison in 1998, which became a proprietary solution in 2005 after the release of the Nessus 3 and the launch of Tenable, Inc. a cybersecurity company co-founded by Deraison. This article explains the features and functionalities of the Nessus scanner.

Nessus is a vulnerability scanner designed initially as a free tool by Renaud Deraison in 1998, which became a proprietary solution in 2005 after the release of the Nessus 3 and the launch of Tenable, Inc, a cybersecurity company co-founded by Deraison.

The proprietary vulnerability scanner called Nessus was created by Tenable, Inc. Tenable.io, a service that requires a subscription. In addition, Tenable incorporates what was once known as Nessus Cloud, the Software-as-a-Service solution offered by Tenable. Nessus Essentials, formerly Nessus Home, a member of the Nessus family, enables you to scan your environment with the same quick, thorough evaluations and ease of agentless scanning that Nessus subscribers experience.

As an open-source network vulnerability scanner, Nessus uses the Common Vulnerabilities and Exposures architecture to make it easy for compliant security solutions to cross-link. The Nessus Attack Scripting Language (NASL), a straightforward language used by Nessus, is used to specify specific threats and potential attacks.

It checks a computer and sends an alert if it detects any security vulnerabilities that hackers could use to get into any of your computers connected to a network. It does this by checking a machine more than 1200 times to see if malicious actors could use any such attacks to get into the system or do other harm.

3a8082e126