Monday, February 16, 2009

Lesser known Nessus plugins


We all know that Nessus is a powerful vulnerability scanning and audit tool. It currently has more than 25,000 plugins for scanning various operating systems and applications, but what are some of its lesser known yet powerful plugins? Here I list five that are extremely useful in a corporate environment.

  1. Nikto plugin. Using this plugin you can automate the web application assessment across the organization, and its greatest strength is that the results are incorporated into Nessus, so you can present them in the same report as your other vulnerability findings.
  2. Installed software discovery. One of the challenges we face every day is identifying and preventing unauthorized software on desktops and servers. Nessus offers multiple plugins to identify installed software and build an inventory of it.
  3. Wireless SSID discovery. Do you know how many active wireless networks there are in your organization? Even more intriguing, do you know how many of your desktops are associated with a wireless network? This plugin identifies the active wireless networks (SSIDs) for each desktop or laptop in your organization. This is invaluable not only for identifying which devices are susceptible to wireless threats but also for ensuring compliance with your internal policies and with standards like PCI.
  4. Auditing disabled USB drives. Many organizations have policies that prevent the use of USB drives, but how do we ensure that all desktops and servers comply with this policy? Nessus offers an .audit file to scan the devices and verify that the system has indeed locked the USB drives.
  5. Scanning for administrator access. Nessus offers various plugins to identify administrator privileges; some of the important ones are:
     - SMB blank admin password. This enables you to find servers with a blank administrator password.
     - Users in the "domain administrators" and local administrators groups. This enables you to find the users who are members of these important administrator groups.
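A Windows compliance check of the kind item 4 describes, written here as an added example rather than the .audit file that ships with Nessus: it verifies that the USB mass-storage driver is disabled (USBSTOR Start = 4) and that Group Policy denies all access to removable disks. The registry paths are Windows' own; the check descriptions and the group name are my choices.

```text
# Constructed example .audit file for Nessus Windows compliance checks.
# Each custom_item is reported as PASSED or FAILED per scanned host,
# so a non-compliant desktop shows up in the same report as its
# other vulnerability findings.
<check_type:"Windows" version:"2">
<group_policy:"USB storage lockdown">

<custom_item>
 type        : REGISTRY_SETTING
 description : "USB mass storage driver (USBSTOR) is disabled"
 info        : "Start = 4 means the driver is never loaded, so new USB disks cannot mount."
 value_type  : POLICY_DWORD
 value_data  : 4
 reg_key     : "HKLM\SYSTEM\CurrentControlSet\Services\USBSTOR"
 reg_item    : "Start"
</custom_item>

<custom_item>
 type        : REGISTRY_SETTING
 description : "Group Policy denies all access to removable disks"
 info        : "Set by the 'Removable Disks: Deny all access' policy; the GUID is the Windows disk device class."
 value_type  : POLICY_DWORD
 value_data  : 1
 reg_key     : "HKLM\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f56307-b6bf-11d0-94f2-00a0c91efb8b}"
 reg_item    : "Deny_All"
</custom_item>

</group_policy>
</check_type>
```

The check needs a credentialed scan with an account that can read the remote registry, otherwise every item is reported as an error rather than a result.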

For more information, visit the Nessus plugin page.

3 comments:

Anonymous said...

Never knew about the software inventory plugin, looks quite useful

Anonymous said...

Another extremely useful feature is the credentialized scan; it helps to bring out all the vulnerabilities in the systems.

Anonymous said...

One of the exciting additions to this list is the ability to do credential scans of the databases.