Vulnerability Scanning
45
Figure 4-11: The main Nessus window
On login, you will see the Reports section, where any prior vulnerability
scans should be listed. Along the top of the interface, you should see the Scans
tab, where you can create and view scanning tasks; the Policies tab, where you
configure Nessus to include various plug-ins you want to use in your scans;
and the Users tab, where you can add user accounts to the Nessus server.
Creating a Nessus Scan Policy
Before beginning a scan, you first need to create a Nessus scan policy. On the
Policies tab, click the green
Add
button to open the policy configuration win-
dow shown in Figure 4-12.
Figure 4-12: The Nessus Policies configuration window