Vulnerability Scanning
4. The final step in setting up the new policy is the Preferences page. Here,
you can direct Nessus not to scan fragile devices such as network printers,
configure it to store results in an external database, provide login
credentials, and more. When you are done with your selections, click Submit
to save the new policy. Your newly added policy should be displayed under
Policies, as shown in Figure 4-15.
Figure 4-15: The newly added policy in Nessus
Running a Nessus Scan
After you have created a scan policy, you are ready to configure a scan. Begin
by selecting the Scans tab, and then click the Add button to open the scan
configuration window. Most Nessus configuration is set in its scan policies, so
when you’re setting up a scan, enter a name for the scan, choose a policy, and
enter the scan targets, as shown in Figure 4-16.
Figure 4-16: Configuring a Nessus scan
In our example, we are scanning only one host, but you can also enter IP
address ranges in CIDR notation or even upload a file containing the addresses
of the targets you want to scan. When you are satisfied with the scan
configuration, click Launch Scan.
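The target-file option described above, as an added example (not from the book or from Nessus): a Python helper that expands requested addresses and CIDR ranges, rejects anything outside the authorized scope, drops fragile devices such as printers, and emits one address per line. The function name, the sample addresses, the '#' comment convention, and the one-entry-per-line layout are assumptions.

```python
import ipaddress
import sys

def build_target_list(requested, authorized, excluded):
    """Return (targets, rejected) for a scan-target file.

    targets  -- sorted host addresses that are in scope and not excluded
    rejected -- (entry, reason) pairs for a human to review before scanning
    """
    allowed = [ipaddress.ip_network(n) for n in authorized]
    skip = [ipaddress.ip_network(n) for n in excluded]
    targets, rejected = set(), []
    for raw in requested:
        entry = raw.split("#", 1)[0].strip()  # '#' comments: this script's convention
        if not entry:
            continue
        try:
            # Default strict parsing rejects e.g. "192.0.2.10/28" (host bits set)
            net = ipaddress.ip_network(entry)
        except ValueError:
            rejected.append((entry, "not a valid IP address or CIDR range"))
            continue
        # Compare versions first: subnet_of() raises TypeError on IPv4 vs IPv6
        if not any(net.version == a.version and net.subnet_of(a) for a in allowed):
            rejected.append((entry, "outside authorized scope"))
            continue
        # A single address has no separate host range to expand
        hosts = [net.network_address] if net.num_addresses == 1 else net.hosts()
        targets.update(h for h in hosts if not any(h in s for s in skip))
    ordered = sorted(targets, key=lambda h: (h.version, int(h)))
    return [str(h) for h in ordered], rejected

# Constructed sample data (RFC 5737 documentation addresses, not real hosts)
AUTHORIZED = ["192.0.2.0/28"]          # scope agreed for the assessment
FRAGILE = ["192.0.2.5"]                # e.g. a network printer to leave alone
REQUESTED = [
    "192.0.2.0/29   # lab segment",
    "192.0.2.9",
    "198.51.100.7",                    # not in the authorized scope
    "192.0.2.300",                     # typo: not a valid address
]

if __name__ == "__main__":
    targets, rejected = build_target_list(REQUESTED, AUTHORIZED, FRAGILE)
    print("\n".join(targets))          # redirect to a file and upload it
    for entry, reason in rejected:
        print(f"skipped {entry}: {reason}", file=sys.stderr)
```

Review the rejected entries before launching the scan; a rejected range usually means a typo or a scope misunderstanding rather than something to work around.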
Nessus Reports
After the scan is complete, it will no longer appear under Scans, and you
should find a new entry under the Reports tab listing the name of the scan,
its status, and when it was last updated. Select the report and click Browse to