Vulnerability Scanning

4. The final step in setting up the new policy is the Preferences page. Here, you can direct Nessus not to scan fragile devices such as network printers, configure it to store results in an external database, provide login credentials, and more. When you are done with your selections, click Submit to save the new policy. Your newly added policy should be displayed under Policies, as shown in Figure 4-15.

Figure 4-15: The newly added policy in Nessus

Running a Nessus Scan

After you have created a scan policy, you are ready to configure a scan. Begin by selecting the Scans tab, and then click the Add button to open the scan configuration window. Most Nessus configuration is set in its scan policies, so when you’re setting up a scan, enter a name for the scan, choose a policy, and enter the scan targets, as shown in Figure 4-16.

Figure 4-16: Configuring a Nessus scan

In our example, we are scanning only one host, but you can also enter IP address ranges in CIDR notation or even upload a file containing the addresses of the targets you want to scan. When you are satisfied with the scan configuration, click Launch Scan.
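
An added example (not from the book or from Nessus): a short Python script that expands in-scope CIDR ranges into an explicit target list for upload, leaving out fragile devices such as network printers. The addresses, file name, function names and the one-address-per-line file layout are assumptions.

```python
import ipaddress

# Constructed sample scope (documentation range); replace with the authorized ranges.
IN_SCOPE = ["192.0.2.0/29", "192.0.2.130"]
# Constructed exclusions, e.g. a network printer and one other fragile device.
EXCLUDE = ["192.0.2.4", "192.0.2.6/32"]


def usable_hosts(net):
    """Hosts of a network; a /31 or /32 has no network/broadcast address to drop."""
    if net.prefixlen >= net.max_prefixlen - 1:
        return list(net)
    return list(net.hosts())


def build_targets(in_scope, exclude=(), max_hosts=65536):
    """Expand IPv4 addresses/CIDR ranges into a sorted, de-duplicated host list,
    dropping excluded hosts. Raises ValueError on a malformed entry (including a
    CIDR with host bits set, a common typo) or an unexpectedly large scope."""
    excluded = [ipaddress.IPv4Network(e) for e in exclude]
    targets = set()
    for entry in in_scope:
        net = ipaddress.IPv4Network(entry.strip())
        if net.num_addresses > max_hosts:
            raise ValueError(f"{entry}: range larger than max_hosts={max_hosts}")
        for host in usable_hosts(net):
            if not any(host in ex for ex in excluded):
                targets.add(host)
    return [str(h) for h in sorted(targets)]


def write_target_file(path, targets):
    """Write one address per line (assumed layout for the uploaded target file)."""
    with open(path, "w", encoding="ascii") as fh:
        fh.write("\n".join(targets) + "\n")


if __name__ == "__main__":
    hosts = build_targets(IN_SCOPE, EXCLUDE)
    write_target_file("nessus_targets.txt", hosts)
    print(f"{len(hosts)} targets written:", ", ".join(hosts))
```

Because malformed or oversized entries raise an error instead of being silently expanded, a mistyped range is caught before the file is uploaded.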

Nessus Reports

After the scan is complete, it will no longer appear under Scans, and you should find a new entry under the Reports tab listing the name of the scan, its status, and when it was last updated. Select the report and click Browse to