Tenable Nessus Check Version

0 views
Skip to first unread message

Melissa Alvarado

unread,
Aug 4, 2024, 6:18:26 PM8/4/24
to lecthulicon
Tellthe server to only listen to connections on the address that is an IP, not a machine name. This option is useful if you are running nessusd on a gateway and if you do not want people on the outside to connect to your nessusd.

Updates Tenable Nessus plugins by using a TAR file instead of getting the updates from the plugin feed. You obtain the TAR file when you Manage Tenable Nessus Offline - Download and Copy Plugins steps.


stable: Does not automatically update to the latest Tenable Nessus version. Remains on an earlier version of Tenable Nessus set by Tenable, usually one release older than the current generally available version, but no earlier than 8.10.0. When Tenable Nessus releases a new version, your Tenable Nessus instance updates software versions, but stays on a version prior to the latest release.


Note: You cannot link a scanner via the CLI if you have already registered the scanner. You can either link via the user interface, or reset the scanner to unregister it (however, you lose all scanner data).


Copyright 2024 Tenable, Inc. All rights reserved. Tenable, Tenable Nessus, Tenable Lumin, Assure, and the Tenable logo are registered trademarks of Tenable, Inc. or its affiliates. All other products or services are trademarks of their respective owners.


First off, I'm surprised no-one has mentioned this yet, but the main issue with the EA you posted, is that it's not an EA. Extension Attributes only work if some string or result of a command is output (usually echoed) between and tags. Otherwise the EA for your Macs will remain blank in your console forever.


But outside of that, if you still need some help in getting a working EA together, I'll post the old ones I used to use as well. We no longer use Nessus where I am, but when we did, this was the Extension Attribute I had for the version:


I also had this EA for capturing its status, as in Installed (Running + Connected etc.) or what the status was. I have no idea if this even works anymore with the current Nessus agent version, but you can try it in case it interests you.


Hey everyone. I tried several/all of these solutions above and I am not having much luck. Either I am not getting hardly any version information or more importantly my results are coming back that the tenable agent is installed on all of my fleet which is not true. Any ideas of what is happening?


Jamf's purpose is to simplify work by helping organizations manage and secure an Apple experience that end users love and organizations trust. Jamf is the only company in the world that provides a complete management and security solution for an Apple-first environment that is enterprise secure, consumer simple and protects personal privacy. Learn about Jamf.


This site contains User Content submitted by Jamf Nation community members. Jamf does not review User Content submitted by members or other third parties before it is posted. All content on Jamf Nation is for informational purposes only. Information and posts may be out of date when you view them. Jamf is not responsible for, nor assumes any liability for any User Content or other third-party content appearing on Jamf Nation.


Thanks for the information. Could you please provide more details about configuring to conect to Tenable.sc or Tenable.io ? I'm struggling to determine how the Agent was installed on Red Hat 7 and 8. I haven't found anything named "Nessus" except in the user directory



No ports used by Tenable/nessus are open on the server. I've checked both active and inactive services but can't locate a service named "Tenable" or "Nessus". Could you suggest a command to help me find the elusive agent and its configuration file? It's perplexing; I can't locate it in /opt or anywhere else.








The server is detected by cloud.tenable.com, and it reports vulnerabilities. Despite trying all the commands you mentioned, I can't figure out how it's configured. Is there an alternative way it might be set up?


I wrote a Chef cookbook for installing Nessus agent, but it does require that you have the agent link key to enable it. I won't post the entire cookbook here as I originally wrote it for AWS automation, but here are some excerpts that might help you find where it is, installing the RPM and linking it to the Tenable Nessus server.


If you suspect that you ran the linking command from the wrong directory, then you'll need to run it again. This time, make sure that you're either in the folder where nessuscli is installed, or add the path to the command.


The agent hasn't installed

It is possible that your original install command contained errors (wrong filename, wrong path, name / NESSUS_NAME etc) so we would recommend going back and trying the installation process again.


Your system cannot reach out to tenable

You need to check that you are connected to the internet and that the agent can reach out to cloud.tenable.com on port 443. (This is the only relevant firewall rule). When you are certain that the system is connected to the internet, try running the command again. If it still says "not linked to a manager" then you will need to try the installation process again.


An internet proxy/filter is getting in the way

The agent cannot connect to the manager, this could be due to internal network controls such as an outbound proxy. If your environment has these types of controls, please refer to documentation here, and use the proxy parameters on install to ensure the agent connects to the manager via the proxy.


Originally launched as an open source tool in 1998, its enterprise edition became a commercial product in 2005. Nessus now encompasses several products that automate point-in-time vulnerability assessments of a network's attack surface, with the goal of enabling enterprise IT teams to stay ahead of cyber attackers by proactively identifying and fixing vulnerabilities as the tool discovers them, rather than after attackers exploit them.


Nessus identifies software flaws, missing patches, malware, denial-of-service vulnerabilities, default passwords and misconfiguration errors, among other potential flaws. When Nessus discovers vulnerabilities, it issues an alert that IT teams can then investigate and determine what -- if any -- further action is required.


Nessus is known for its vast plugin database. These plugins are dynamically and automatically compiled in the tool to improve its scan performance and reduce the time required to assess, research and remediate vulnerabilities. Plugins can be customized to create specific checks unique to an organization's application ecosystem.


Nessus contains a feature called Predictive Prioritization, which uses algorithms to categorize vulnerabilities by their severity to aid IT teams in determining which threats are most urgent to address. Each vulnerability is assigned a Vulnerability Priority Rating (VPR), which uses a scale from 0 to 10, with 10 being the highest risk, to rate its severity: critical, high, medium or low. IT teams can also use pre-built policies and templates to quickly find vulnerabilities and understand the threat situation.


Another Nessus feature is Live Results, which performs intelligent vulnerability assessment in offline mode with every plugin update. It removes the need to run a scan to validate a vulnerability, creating a more efficient process to assess, prioritize and remediate security issues.


Nessus also provides the ability to create configurable reports in a variety of formats, including Hypertext Markup Language, comma-separated values and Nessus Extensbile Markup Language. Reports can be filtered and customized depending on what information is most useful, such as vulnerability types, vulnerabilities by host, vulnerabilities by client, etc.


Meanwhile, the Nessus packet capture feature enables teams to debug and troubleshoot scanning issues quickly. In this way, it minimizes interruptions and provides continuous protection for the enterprise IT environment.


Nessus provides a fast, user-friendly way to find and fix vulnerabilities in many kinds of IT assets, including cloud-based and virtualized resources. As of April 2023, it covers more than 76,000 Common Vulnerabilities and Exposures. Tenable Research, the cybersecurity research arm of Nessus' manufacturer, maintains and continually updates a library of more than 185,000 plugins that can be used to augment the platform. Plugins contain scripts to identify, remediate and test for the presence of specific vulnerabilities. Tenable releases about 100 new plugins weekly and within 24 hours of vulnerability disclosure. Plugins can be downloaded through the Nessus interface or a web-based catalog.


Nessus provides more than 450 pre-configured templates for commonly used vulnerability scans and configuration audits to simplify use of the platform. For example, the Audit Cloud Infrastructure template can be used to audit the configuration of Amazon Web Services, Google Cloud Platform, Microsoft Azure, Rackspace, Salesforce and Zoom. The interface is easy to navigate and provides a simple set of remediation actions to fix the vulnerabilities and protect the affected system. Teams can also audit configuration compliance against Center for Internet Security benchmarks and other best practices.

3a8082e126
Reply all
Reply to author
Forward
0 new messages