Specifications
Copyright © 2015. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc.
67
plugin_upload
Designate if admin users may upload plugins.
plugins_timeout
Maximum lifetime of a plugin’s activity (in seconds).
port_range
Range of the ports the port scanners will scan. Can use keywords “default” or “all”, as
well as a comma delimited list of ports or ranges of ports.
purge_plugin_db
Determines if Nessus will purge the plugin database at each update. This directs
Nessus to remove, re-download, and re-build the plugin database for each update.
Choosing yes will cause each update to be considerably slower.
qdb_mem_usage
Directs Nessus to use more or less memory when idle. If Nessus is running on a
dedicated server, setting this to “high” will use more memory to increase performance.
If Nessus is running on a shared machine, settings this to “low” will use considerably
less memory, but at the price of a moderate performance impact.
reduce_connections_on_
congestion
Reduce the number of TCP sessions in parallel when the network appears to be
congested.
report_crashes
Anonymously report crashes to Tenable.
rules
Location of the Nessus Rules file (nessusd.rules).
The nessusd.rules file applies to Nessus administrative users too.
safe_checks
Safe checks rely on banner grabbing rather than active testing for a vulnerability.
save_knowledge_base
Save the knowledge base on disk for later use.
silent_dependencies
If enabled, the list of plugin dependencies and their output are not included in the
report. A plugin may be selected as part of a policy that depends on other plugins to
run. By default, Nessus will run those plugin dependencies, but will not include their
output in the report. Setting this option to no will cause both the selected plugin, and
any plugin dependencies to all appear in the report.
slice_network_addresses
If this option is set, Nessus will not scan a network incrementally (10.0.0.1, then
10.0.0.2, then 10.0.0.3, and so on) but will attempt to slice the workload throughout the
whole network (e.g., it will scan 10.0.0.1, then 10.0.0.127, then 10.0.0.2, then
10.0.0.128, and so on).
source_ip
In the case of a multi-homed system with different IPs on the same subnet, this option
tells the Nessus scanner which NIC/IP to use for the tests. If multiple IPs are provided,
Nessus will cycle through them whenever it performs a connection.
ssl_cipher_list
Make sure only “strong” SSL ciphers are used when connecting to port 1241. Supports
the keyword “strong” or the general OpenSSL designations as listed at
http://www.openssl.org/docs/apps/ciphers.html.
stop_scan_on_disconnect
Stop scanning a host that seems to have been disconnected during the scan.
stop_scan_on_hang
Stop a scan that seems to be hung.