When and when not to use Credentials for Nessus scans

By | August 25, 2006

Tenable consistently gets questions as to when a user should perform a vulnerability scan with credentials. Nessus 3 can perform extensive host-based configuration and patch audits on most flavors of UNIX and Windows. This blog entry will help Nessus users understand when and why they should consider using credentials when performing scans.

Most network clients like Mozilla, Eudora and Outlook do not have network ports that are open for probing by a remote Nessus scanner. Some client applications, such as various P2P and communication tools, do have network ports that are open for analysis by Nessus. However, for 100% coverage of all local client vulnerabilities, a credentialed Nessus scan is the best choice.

If auditing client vulnerabilities is of interest, you might want to consider Tenable´s Passive Vulnerability Scanner which can sniff this sort of information out of regular network traffic.Read Full Story

Leave a Reply