This is part of a presentation I gave on running NESSUS:

  1. In your browser, go to:
  2. Enter the user name and password that you registered with on Tenable. Click log in.
  3. You will see the Nessus console page come up.
  4. Set up a new policy, for example one for Windows vulnerabilities. Click on Policies, then click Add. Name it “windows vuln”. Under Port Scanners, tick only the SYN Scan and Ping Host options.
  5. Click on Plugin Tabs. Disable All.  We only want certain Windows vulnerabilities. Select Microsoft Bulletins.
  6. Click Next. You get the Credentials screen.  Submit again.
  7. To activate the scan, add a scan. Name it “windows xp”. Set the type to Run Now. Click the policy you just created. For the scan targets, enter the IP addresses of the hosts that you identified. Click Launch scan.
  8. You will see that the scan is running. You can browse into it while it runs. You will see detailed data on the finding itself, and it will also present remediation information to help close down that vulnerability.
  9. Click Reports to publish a report for this. Click Download to download the report.
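Once the report is downloaded, the findings and their remediation text can be pulled out per host for patch tracking. The following is an added example, not part of the original presentation. It assumes the report was saved in the `.nessus` (NessusClientData_v2) XML format and that the plugin family string is `Windows : Microsoft Bulletins`; the sample hosts, plugin IDs and text are constructed.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample in the .nessus (NessusClientData_v2) layout; hosts, plugin
# IDs and text are made up for illustration.
SAMPLE = """<NessusClientData_v2>
 <Report name="windows xp">
  <ReportHost name="192.0.2.10">
   <ReportItem port="445" svc_name="cifs" protocol="tcp" severity="3"
       pluginID="900001" pluginName="Constructed MS bulletin finding A"
       pluginFamily="Windows : Microsoft Bulletins">
    <solution>Apply the vendor patch referenced in the bulletin.</solution>
   </ReportItem>
   <ReportItem port="0" svc_name="general" protocol="tcp" severity="0"
       pluginID="900002" pluginName="Constructed informational item"
       pluginFamily="General">
    <solution>n/a</solution>
   </ReportItem>
  </ReportHost>
  <ReportHost name="192.0.2.11">
   <ReportItem port="445" svc_name="cifs" protocol="tcp" severity="2"
       pluginID="900003" pluginName="Constructed MS bulletin finding B"
       pluginFamily="Windows : Microsoft Bulletins"/>
  </ReportHost>
 </Report>
</NessusClientData_v2>"""

def bulletin_findings(xml_text, family="Windows : Microsoft Bulletins", min_severity=1):
    """Return {host: [finding dicts]}, each list sorted highest severity first."""
    root = ET.fromstring(xml_text)
    out = defaultdict(list)
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            sev = int(item.get("severity", "0"))
            # Keep only the plugin family enabled in the policy, above info level.
            if item.get("pluginFamily") != family or sev < min_severity:
                continue
            out[host.get("name")].append({
                "severity": sev,
                "port": f'{item.get("port")}/{item.get("protocol")}',
                "plugin_id": item.get("pluginID"),
                "name": item.get("pluginName"),
                # A missing <solution> is reported explicitly, not dropped.
                "solution": (item.findtext("solution") or "no solution text").strip(),
            })
    for items in out.values():
        items.sort(key=lambda f: -f["severity"])
    return dict(out)
```

To use it on a real export, pass the file contents, for example `bulletin_findings(open("report.nessus").read())`, where `report.nessus` is a placeholder file name.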