You can set the credential type like:
The third window is to set plug ins, nessus contain a wide range of plug ins like :
Web server scanning
Plug ins are the wonderful feature that will let an auditor to choose the best plug in according to the requirement of the test.
The last windows is about preferences, now in this point you can choose plugin setting like if you want to conduct an audit on Oracle database than choose oracle setting with oracle SID and so on.
Network Vulnerability Scanning Example Test
Now let suppose an auditor have to test the internal network, for this purpose nessus internal network scan policy is the best choice for a test behind a firewall, if you have a default plug in setting than it is a best. Keep in mind that in the internal test enable all the plug ins.
On the scan menu add a new scan.
Here I am using internal scan policy while in the scan range I have choose all the host from this subnet of class C IP. Launch a scan and it takes some time depending on the number of host.
Here is the report
It shows that there is a four host alive and they contain a lot of vulnerabilities even some vulnerabilities are at high risk but keep in mind that all the exploits against a vulnerability is not available on public, so how to check the available exploit against a vulnerability? It is very simple from the left side below click on show filter than mark a check on exploit exist.
Now the exploits of these vulnerabilities are available in public and we can see the detail of this exploits like CVE information, vulnerability publication date and more information.
Lets call a result of Zenmap you can integrate nmap (zenmap) result into nessus for the maximum performance that is why I have discussed zenmap before. On the scan windows of nessus simply browse the target file and import nmap result into nessus.
Its all done and I hope you have enjoyed it.
Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription or become our Facebook fan! You will get all the latest updates at both the places.