Manualshelf

Specifications

ManualsBrandsRed Hat ManualsOtherCERTIFICATE SYSTEM 6.0 - MIGRATION GUIDE
61626364656667686970
Copyright © 2015. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc.
64
Configure the Nessus Daemon (Advanced Users)
The Nessus GUI configuration menu contains several configurable options. For example, this is where the maximum
number of checks and hosts being scanned at one time, the resources you want nessusd to use and the speed at which
data should be read are all specified, as well as many other options. It is recommended that these settings be reviewed
and modified appropriately based on your scanning environment. The full list of configuration options is explained at the
end of this section.
In particular, the global.max_hosts, max_hosts, and max_checks values can have a great impact on your Nessus
system’s ability to perform scans, as well as those systems being scanned for vulnerabilities on your network. Pay
particular attention to these two settings.
A non-admin user cannot upload plugins to Nessus, cannot restart it remotely (needed after a plugin upload),
and cannot override the max_hosts/max_checks setting in the configuration section. If the user is intended
for use by SecurityCenter, it must be an admin user. SecurityCenter maintains its own user list and sets
permissions for its users.
In Nessus Enterprise, only a system administrator user can upload plugins to Nessus, can restart it remotely
(needed after a plugin upload), and can override the max_hosts/max_checks setting in the configuration
section. If the user is intended for use by SecurityCenter, it must be an admin user. SecurityCenter maintains
its own user list and sets permissions for its users.
Here are the three settings and their default values as seen in the configuration menu:
Option
Value
global_max_hosts
530
max_hosts
40
max_checks
5
Note that these settings will be over-ridden on a per-scan basis when using Tenable’s SecurityCenter or within a custom
policy in the Nessus User Interface. To view or modify these options for a scan template in SecurityCenter, edit the Scan
Options in the template. In the Nessus User Interface, edit the scan policy and then click on the “Options” tab.
Note that the max_checks parameter has a hardcoded limit of 15. Any value over 5 will frequently lead to
adverse effects as most servers cannot handle that many intrusive requests at once.
Notes on max_hosts:
As the name implies, this is the maximum number of target systems that will be scanned at any one time. The greater the
number of simultaneously scanned systems by an individual Nessus scanner, the more taxing it is on that scanner
system’s RAM, processor, and network bandwidth. Take into consideration the hardware configuration of the scanner
system and other applications running on it when setting the max_hosts value.
As a number of other factors that are unique to your scanning environment will also affect your Nessus scans (e.g., your
organization’s policy on scanning, other network traffic, the effect a particular type of scan has on your scan target hosts),
experimentation will provide you with the optimal setting for max_hosts.