Questions tagged [nessus]

Nessus is a vulnerability scanning program. Its goal is to detect potential vulnerabilities on the tested systems.

Nessus works by performing a port scan with one of its four internal portscanners (or it can optionally use Amap or Nmap) to determine which ports are open on the target and then tries various exploits on the open ports. The vulnerability tests, available as subscriptions, are written in NASL (Nessus Attack Scripting Language), a scripting language optimized for custom network interaction

22 questions
0
votes
0 answers

Trouble figuring out how to configure Nessus Scanner version 10.x to use two way TLS to scan Database

I have a MySQL 5.7 database that requires two-way SSL/TLS for any clients attempting to connect to it. I have the requisite keys and certs for the connection, however I do not know how to configure the Nessus Scanner to use them. The only…
0
votes
0 answers

Tools or processes to review security questions

I'm looking for a tool or process to review external customer questions or scans against our internal database of security issues stored in Azure DevOps/TFS or Loopio. We get customer scans using Nessus, and other tools, and there should be…
user335358
0
votes
0 answers

Access Nessus administrative portal from another computer

I just installed Nessus on a SIEM server running Debian and after the installation I was shown the adress for the admin portal and it was https://servername:8836/ The problem is that I cannot reach this adress from another computer and the SIEM…
-1
votes
1 answer

Check my own servers for vulnerabilities

We are a small early stage startup with not so much money to spend. We have less than 3 servers that we want to monitor for security issues. Our website is essentially on one server having: Ubuntu A Single-Page-App (full javascript) An API…
-1
votes
1 answer

Nessus HTML5 version 5.0.3 - PCI Scan

I've been searching for a couple days (and even contacted their support) to find out if Nessus (company is Tenable) has a bundle that scans for PCI compliance. The one that they gave me is the same as the rest of the defaults. It selects all 44…
lbakerit
  • 3
  • 1
  • 3
-1
votes
1 answer

Scan internal network from cloud system?

I have an internal network with bunch of devices and there is firewall at entry point from internet. Is it possible to scan that entire internal network from the cloud server where I have tool (for exa: Nessus)? (Without installing any client…
-4
votes
2 answers

Crack http basic auth password from Linux

I have a network camera, where the default password does not work. It is probably something simple though, so I though I should try a stock password breaker. What should I use to try to crack my network camera's basic auth login/password on port 80…
Gurgeh
  • 463
  • 4
  • 3
1
2