Recent Content
Welcome to the Community!
Welcome to Tenable Connect — your go-to destination to discover, learn, and engage on all things Tenable. Whether you're just getting started or are a seasoned user, Tenable Connect is designed to help you maximize the value of your Tenable investment. For additional guidance check out our Getting Started with Tenable Connect demo.

Why Join Tenable Connect?

Tenable Connect is more than just a support portal — it’s a collaborative hub where customers can:

- Access a wealth of documentation, guides, and training resources
- Ask questions and share expertise through our Q&A forums
- Open support cases for technical and non-technical issues
- Stay current with Tenable news, product updates, and events
- Learn best practices and tips from Tenable experts and your peers
- Request product enhancements and contribute to shaping future development

The more you engage, the more valuable the community becomes for everyone.

Note: Tenable Connect is exclusively available to Tenable customers.

Getting Started: Registering for Tenable Connect

To get access, follow these steps or watch the Register for Tenable Connect demo:

- Select Register at the top right of the page.
- Include your Customer ID (found in your purchase order email).
- Enter your Company Name exactly as it appears on your PO.
- Your email address domain must match the approved domain on the account.

Important: If you do not know your Customer ID, please do not complete the form. Submitting incorrect information may cause delays in linking your account.

Once registered, you’ll receive an email to create your password. After resetting, use the same credentials to log into the community at connect.tenable.com

Logging into Tenable Connect

If you have already registered for Tenable Connect or formerly registered for Tenable Community, simply use the credentials that you previously used. If you are unsure of your password, select ‘Create or Reset Your Password’ on the login form.
For more information, check out the Logging into Tenable Connect demo.

Navigating the Community

Tenable Connect is organized to put the most critical tools and resources at your fingertips. If you want to manage your licenses or contacts on the account, please go to the ‘Account Management’ section on the navigation bar.

Support

Open a Technical Support or Customer Care case under the Support tab.

- For Technical Support, you’ll need the correct account permissions. If you receive an error, contact your company’s Primary Contact. If you're the Primary Contact and still cannot access, email: customercare@tenable.com.
- For non-technical issues, you can submit a request without logging in.

Check out the Technical Support Guide for full details on best practices and expectations.

Learn

Explore tutorials, onboarding guides, best practices, and in-depth documentation for all Tenable products — all in one place.

News You Need

Stay informed with the latest Tenable announcements, release updates, and security insights. Subscribe to forums or the full hub to get notified.

Engage

Join the conversation in product forums, participate in gamification activities, and explore our Customer Ambassador Program. Your contributions help shape the future of the community. Here’s a demo for getting started with engaging within Tenable Connect.

Product Pages

Each Tenable product has its own dedicated landing page with:

- Getting started resources
- Feature walkthroughs
- Support documentation
- Optimization tips

Account Management

The Account Management page will show your license entitlements, activation codes, license keys to download, manage contact access, and other critical account-related items. Your contact permissions on the account will determine the level of access and visibility you have on the Account Management page. Primary Contacts can manage all contacts and licenses and have full visibility and control over what others on the account can see.
For an overview of the Account Management page, check out this overview. In addition, you may provision your products within this page. For guidance on provisioning products, please view this demo.

Knowledge: Search Like a Pro

Looking for something specific? Use the search bar at the top of any page to quickly find:

- Knowledge Base articles
- Documentation
- Q&A threads
- Training videos
- Blog posts

Ready to Dive In?

We’re excited to have you join the Tenable Connect community. Get involved, stay curious, and connect with peers and experts who are just as passionate about exposure management and innovation as you are. Please reach out if you have any questions or need help getting started.

Troubleshooting credentialed scanning on Windows
ISSUE

When running a credentialed scan on Windows, the Nessus Scanner cannot authenticate to the target.

CAUSE

Generally, this issue is due to one of the following conditions not having been met:

- The Windows Management Instrumentation (WMI) service must be enabled on the target. For more information, please see: Introduction to WBEMTEST. Additionally, ensure that ports 135 and 49152 through 65535 are open between the scanner and the target, as WMI connections will choose one of these ports to target.
- The Remote Registry service must be enabled on the target.
- File & Printer Sharing must be enabled in the target's network configuration.
- An SMB account must be used that has local administrator rights on the target. Note: A domain account can be used as long as that account is a local administrator on the devices being scanned.
- TCP ports 139 and 445 must be open between the Nessus Scanner and the target.
- Ensure that no security policies are in place that block access to these services. This can include:
  - Windows Security Policies
  - Antivirus or Endpoint Security rules
  - IPS/IDS
- The default administrative shares must be enabled. These shares include:
  - IPC$
  - ADMIN$
  - C$

The setting that controls this is AutoShareServer (Windows Server) or AutoShareWks (Windows Workstation), which must be set to 1. Windows 10 has the ADMIN$ disabled by default. For all other operating systems, these shares are enabled by default and can cause other issues if disabled. For more information, see http://support.microsoft.com/kb/842715/en-us

RESOLUTION

Testing from a Windows Host

These steps will test connections to a target host using methods similar to what Nessus uses to perform credentialed checks. If these tests fail, it establishes that the issue is likely not with Nessus or the scan configuration, but with the target's security settings. Run all commands from an elevated Command prompt or PowerShell on a host in the same network as the target.
Make sure this is not done on the target itself. If possible, use the scanner.

Anonymous IPC$ login test

Test the IPC$ share without a username by using the following command. This command is similar to how Nessus checks the share.

Note: Change <Target_IP> to the target's IP address.

    net use \\<Target_IP>\ipc$ "" /user:""

If this returns "Failed to connect to the IPC$ share anonymously." then the following should be verified:

- Ensure SMB is set up correctly
- Double-check firewall settings

SMB Log on Test

This is how Nessus tests the credentials to make sure it has access to the system. Run the following commands from an elevated command prompt.

Note: Replace <username> and <password> with the credentials the scan is using. Also, change <Target_IP> to the target's IP address.

    net use \\<Target_IP>\ipc$ /user:<username> <password>
    net use \\<Target_IP>\admin$ /user:<username> <password>

These commands should return "The command completed successfully." If they do not, then:

- Check the credentials.
- Check the account has sufficient privileges.

Remote Registry Test

Run the following command to check if the remote registry is running.

Note: Change <Target_IP> to the target's IP address.

    reg query \\<Target_IP>\hklm

If this returns registry keys, the service is running and accessible. If this returns "ERROR: The network path was not found." then the service is not running and must be enabled.

WMI Troubleshooting and Test

From another Windows host that can reach the scan target over the network:

1. Run wbemtest from the Start Menu.
2. Click 'Connect' in the upper-right corner.
3. In the Namespace field, enter the target namespace as '\\target_host_ip\root\cimv2'. Thus, if the scan target is located at 10.10.0.63, enter '\\10.10.0.63\root\cimv2'.
4. In the Credentials section, enter the credentials of the scanning account. Use 'domain\username' syntax in the User field.
5. Click Connect in the upper-right corner.
6. If successful, the wbemtest window should list the namespace as \\target_host_ip\root\cimv2. In the IWbemServices section below, a number of buttons should appear.
7. Click Query... and enter the following query exactly in the popup, then click Apply:

       select DomainRole from Win32_ComputerSystem

8. A Query Result window with a single entry reading 'Win32_ComputerSystem=<no key>' should appear. Double-click that entry.
9. In the Instance of Win32_ComputerSystem window, scroll down in the Properties list. A DomainRole entry should appear, with a value of 2, 3, 4 or 5.

If the test above failed, do the following on the scan target:

WMI Troubleshooting steps

- Ensure that the WMI service is enabled and running.
- Ensure the scan user has access to the root/CIMV2 namespace:
  1. Open wmimgmt.msc.
  2. In the left-hand panel, right-click WMI Control (Local) and choose Properties.
  3. Click the Security tab, expand the Root folder, and select the CIMV2 folder.
  4. Click the Security button.
  5. In the 'Security for ROOT/CIMV2' window, click the Advanced button.
  6. Confirm that the scanning account, or a group which it belongs to, is listed in this window. Click on the relevant entry and click the View button.
  7. Confirm that the permissions entry covering the scanning account has both the Enable Account and Remote Enable permissions set.
- Add the scanning account to the Distributed COM user group on the scan target. Alternatively, open Component Services (dcomcnfg) from the Start Menu. In the left panel, expand Component Services, then Computers, and right-click on My Computer. Select Properties. In the COM Security tab of the My Computer Properties window, click the Edit Limits button in the Access Permissions section. Ensure that the scanning account has all permissions. Repeat the previous step with the Edit Limits option under the Launch and Activation Permissions section.
Testing from a Linux Host

The program smbclient can be used as an alternative method of testing if the Nessus scanner is running on a Linux system that is scanning the Windows-based host.

To install smbclient, run the following command as root:

    yum install samba-client

To test the IPC$ share, use the following command. This command is similar to how Nessus checks the share.

Note: Change <Target_IP> to the target's IP address. Change <username> and <password> to the credentials that Nessus uses.

    smbclient //<Target_IP>/IPC$ -U <username>%'<password>'

If this returns "smb: \>", then the credentials and permissions work. If this returns "session setup failed: NT_STATUS_LOGON_FAILURE", then:

- Check the credentials.
- Check that the account has sufficient privileges.

Still Having Issues

If you continue to have authentication issues after completing this process, open a case with Technical Support providing the following information:

- A detailed description of what troubleshooting steps have already been tried
- A Nessus DB. For more information, see Collecting nessus.db Scan Results from Tenable Products

ADDITIONAL RESOURCES

- Microsoft - Net use
- ServerFault - Windows shares via command line with user/pass, without mapping the drive?
- TechRepublic - Use the PushD & PopD commands for quick network drive mapping in Windows 7
- Nessus - Credentialed Checks on Windows
- smbclient man page

Useful plugins to troubleshoot credentialed scans
Successful Login: Windows

24269 - WMI Available
10394 - Microsoft Windows SMB Log In Possible
10400 - Microsoft Windows SMB Registry Remotely Accessible
10428 - Microsoft Windows SMB Registry Not Fully Accessible Detection
57033 - Microsoft Patch Bulletin Feasibility Check
20811 - Microsoft Windows Installed Software Enumeration (credentialed check)
26921 - Windows Service Pack Out-of-Date
34252 - Microsoft Windows Remote Listeners Enumeration (WMI)
35703 - SMB Registry : Start the Registry Service during the scan
35704 - SMB Registry : Stop the Registry Service after the scan
24272 - Network Interfaces Enumeration (WMI)
19506 - Nessus Scan Information (Settings)*

*Note: For 19506, "Credentialed Checks: yes" in the output indicates a successful scan

Successful Login: Linux

22869 - Software Enumeration (SSH) (General)
12634 - Authenticated Check: OS Name and Installed Package Enumeration (Settings)
25221 - Remote listener enumeration (Linux / AIX)
33851 - Network daemons not managed by the package system
19506 - Nessus Scan Information (Settings)*

*Note: For 19506, "Credentialed Checks: yes" in the output indicates a successful scan

Oracle Database

22073 - Oracle Database Detection
10658 - Oracle Database tnslsnr Service Remote Version Disclosure
11219 - Nessus SYN scanner* OR 14272 - Netstat Portscanner (SSH)*

*Note: These port scanners are used to determine which port the Oracle Database service was found on

Login Failure/Permission Failure

11149 - HTTP login page: Provides a means for HTTP login info, but it also returns login failures when an error occurs.
21745 - OS Security Patch Assessment Failed: See More Information below.
24786 - Nessus Windows Scan Not Performed with Admin Privileges: This means the account provided for Windows did not have administrator privileges on the scanned host.
26917 - Microsoft Windows SMB Registry : Nessus Cannot Access the Windows Registry: This means the target's registry was not available. This is most likely caused by the Remote Registry setting not being configured correctly either in the scan policy or on the target.
35705 - SMB Registry : Starting the Registry Service during the scan failed: Indicates failure to start the Remote Registry service on the target.
35706 - SMB Registry : Stopping the Registry Service after the scan failed: Indicates failure to stop the Remote Registry service on a target after a scan.

More information for plugin 21745 - OS Security Patch Assessment Failed

The plugin 21745 error "unable to create a socket" indicates that Nessus was unable to connect to the system. In this case, it means Nessus was unable to successfully complete the TCP handshake on port 445. This could be for a number of reasons:

- Nessus is unable to connect due to network issues
- A network or host-based firewall is blocking the connection attempts
- Due to network latency, a timeout is reached before the connection occurs
- The user that started the scan does not have permission to scan the given host and/or port

If the user sees this error in plugin 21745 every time authentication fails for a given host, that likely means Nessus is having connection issues due to one of the conditions listed above.

Nessus users have no host or port restrictions by default, so this can only occur if an admin explicitly put such a restriction in place. To determine if this is the case, view the rules file. To find the rules file:

1. Log into Nessus as an administrator.
2. Select Configuration > Advanced Settings.
3. Scroll down to the rules setting.

Note: If Nessus has too many open sockets during a scan, an error message may indicate this problem in nessusd.dump or nessusd.messages.

Local Authentication

These plugins authenticate to the remote host, gather the information necessary for local checks, and enable local checks. Their output and audit trails provide details of any problems that were encountered.
97993 - OS Identification and Installed Software Enumeration over SSH v2 (Using New SSH Library): Enables local checks over SSH.
12634 - Authenticated Check : OS Name and Installed Package Enumeration: Enables local checks over SSH.
10394 - Microsoft Windows SMB Log In Possible: Enables local checks over SMB.
19762 - SNMP settings: Enables local checks over SNMP.
73204 - Citrix NetScaler Version Detection: Enables local checks over SSH, SNMP, or NTP.
72816 - Palo Alto Networks PAN-OS Version Detection: Enables local checks over HTTP if not already enabled over SSH.
57399 - VMware vSphere Installed Patches: This gathers info via the HTTPS SOAP API which triggers other plugins to enable local checks.
57400 - VMware vSphere Installed VIBs: This gathers info via the HTTPS SOAP API which triggers other plugins to enable local checks.

Third-party Local Checks

These plugins gather information about the host from a third party and enable local checks.

80860 - Patch Management: Get Packages from Symantec Altiris: Enables "local" checks via Symantec Altiris.
65703 - Patch Management: HCL BigFix Get Installed Packages: Enables "local" checks via IBM BigFix (previously known as Tivoli Endpoint Manager).
84231 - Patch Management: Red Hat Satellite Get Installed Packages: Enables "local" checks via Red Hat Satellite 6.
84238 - Patch Management: Red Hat Satellite Server Settings: Enables "local" checks via Red Hat Satellite 5.
63062 - VMware vCenter Data Collection: Enables "local" checks via VMware vCenter.

Windows Access Checks

These plugins check for the required privileges/access for Windows local checks and set required KB entries in order for Windows local checks to be performed.

10400 - Microsoft Windows SMB Registry Remotely Accessible: Logs registry access issues that prevent local checks from being enabled.
10428 - Microsoft Windows SMB Registry Not Fully Accessible Detection: Tests registry access and sets "SMB/registry_full_access" if successful.
13855 - Microsoft Windows Installed Hotfixes: Logs registry and share access issues that prevent local checks from being enabled.
57033 - Microsoft Patch Bulletin Feasibility Check: Sets the flag "SMB/MS_Bulletin_Checks/Possible" based on the results of plugin 13855.

Summarize Specific Auth / Local Checks Issues

These plugins provide summaries of particular types of auth / local checks issues that have been reported by other plugins and report the plugins that encountered these issues.

102094 - SSH Commands Require Privilege Escalation: Reports commands that failed due to lack of privilege escalation or due to failed privilege escalation. Commands reported here may not have prevented local checks from running but may have caused the plugin associated with each command to fail to produce the expected output. This causes authentication to report as successful, but with insufficient access.
110695 - OS Security Patch Assessment Checks Not Supported: Reports that local checks were unavailable for the identified device or operating system and includes the report of the plugin that logged the unavailability of local checks. In this case, the credentials may be correct and login may have been successful, but checks cannot be run against the host for another reason, such as if the target is an OS type for which there is no plugin support.
150799 - Target Access Problems by Authentication Protocol - Maximum Privilege Account Used in Scan: Reports that login was successful and that the credentials can escalate to the highest level of privilege possible on the host, but that the scanner still encountered permissions issues while scanning. For more information on this plugin, please see the related Research Highlight.

Summarize Authentication Status

These plugins provide summaries of the overall authentication status for the target. A given target should trigger at least one of these plugins.
141118 - Target Credential Status by Authentication Protocol - Valid Credentials Provided: Reports protocols with successful authentication. This identifies that the protocols specified were able to authenticate to the target successfully at least once. This may be paired with other plugins.
110095 - Target Credential Issues by Authentication Protocol - No Issues Found: Reports protocols with successful authentication and no reported privilege/access issues.
110385 - Target Credential Issues by Authentication Protocol - Insufficient Privilege: Reports protocols with successful authentication that also had privilege/access issues logged for the successful credentials.
104410 - Target Credential Status by Authentication Protocol - Failure for Provided Credentials: Reports protocols with only authentication failures.
110723 - Target Credential Status by Authentication Protocol - No Credentials Provided: Reports protocols that were detected in the scan as available for authentication but that did not have credentials provided to attempt authentication with.
117885 - Target Credential Issues by Authentication Protocol - Intermittent Authentication Failure: Reports protocols with successful authentication that also had subsequent authentication failures logged for the successful credentials.

Notes:

- A given target usually triggers at least one of these unless no services are detected supporting protocols that Nessus uses for authentication. Audit trails should indicate this.
- Authentication status is reported per protocol. This means if there are multiple authentication protocols available on the target with different authentication statuses, it is possible to see both Authentication Success and Authentication Failure.
- For a given protocol, if both access/privilege problems were encountered and service/authentication problems were encountered, it is possible to see both plugins 110385 and 117885.
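As an added example (not Tenable's code and not part of the original article), the following Python script applies the authentication-status plugins above, together with plugins 19506 and 21745 described earlier, to a .nessus v2 export and returns a per-host verdict. The sample export, the verdict names and the function names triage_host and triage_report are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Plugin IDs and meanings are taken from the lists in this article.
AUTH_OK = {
    141118: "valid credentials provided",
    110095: "authenticated, no privilege/access issues found",
}
AUTH_PROBLEM = {
    110385: "authenticated, but insufficient privilege",
    117885: "authenticated, then intermittent authentication failure",
    104410: "authentication failed for the provided credentials",
    21745: "OS Security Patch Assessment Failed (local checks not run)",
}
LOGIN_SUCCEEDED = set(AUTH_OK) | {110385, 117885}  # each implies one good login
NO_CREDENTIALS = 110723
SCAN_INFO = 19506
CRED_RE = re.compile(r"credentialed checks\s*:\s*(yes|no)", re.IGNORECASE)

# Constructed sample export (assumption: trimmed to the elements used here).
SAMPLE_NESSUS = """<NessusClientData_v2><Report name="constructed">
<ReportHost name="192.0.2.11">
 <ReportItem pluginID="19506"><plugin_output>Credentialed checks : yes</plugin_output></ReportItem>
 <ReportItem pluginID="141118"/><ReportItem pluginID="110095"/>
</ReportHost>
<ReportHost name="192.0.2.12">
 <ReportItem pluginID="19506"><plugin_output>Credentialed checks : no</plugin_output></ReportItem>
 <ReportItem pluginID="104410"/>
 <ReportItem pluginID="21745"><plugin_output>Unable to create a socket</plugin_output></ReportItem>
</ReportHost>
<ReportHost name="192.0.2.13">
 <ReportItem pluginID="19506"><plugin_output>Credentialed checks : yes</plugin_output></ReportItem>
 <ReportItem pluginID="141118"/><ReportItem pluginID="110385"/>
</ReportHost>
<ReportHost name="192.0.2.14">
 <ReportItem pluginID="19506"><plugin_output>Credentialed checks : no</plugin_output></ReportItem>
 <ReportItem pluginID="110723"/>
</ReportHost>
</Report></NessusClientData_v2>"""


def triage_host(report_host):
    """Return verdict, 19506 credentialed flag and notes for one ReportHost."""
    outputs = {}
    for item in report_host.iter("ReportItem"):
        plugin_id = item.get("pluginID", "")
        if plugin_id.isdigit():
            text = item.findtext("plugin_output") or ""
            outputs.setdefault(int(plugin_id), []).append(text)
    ids = set(outputs)
    problems = sorted(ids & set(AUTH_PROBLEM))
    successes = sorted(ids & set(AUTH_OK))

    # Status is reported per protocol, so success and failure can coexist.
    if problems and ids & LOGIN_SUCCEEDED:
        verdict = "degraded"
    elif problems:
        verdict = "failed"
    elif successes:
        verdict = "ok"
    elif NO_CREDENTIALS in ids:
        verdict = "no-credentials"
    else:
        verdict = "unknown"  # no summary plugin fired; check the audit trail

    notes = [f"{p}: {AUTH_PROBLEM[p]}" for p in problems]
    notes += [f"{p}: {AUTH_OK[p]}" for p in successes]
    if NO_CREDENTIALS in ids:
        notes.append(f"{NO_CREDENTIALS}: a protocol was detected without credentials")
    if any("unable to create a socket" in t.lower() for t in outputs.get(21745, [])):
        notes.append("21745 socket error: check TCP 445 reachability, firewalls, "
                     "latency and the scanner rules file")

    credentialed = None  # stays None when 19506 output is absent
    for text in outputs.get(SCAN_INFO, []):
        match = CRED_RE.search(text)
        if match:
            credentialed = match.group(1).lower() == "yes"
    return {"verdict": verdict, "credentialed": credentialed, "notes": notes}


def triage_report(xml_text):
    """Map each host name in a .nessus v2 document to its triage result."""
    # Parse only exports from your own scanner; for untrusted files use a
    # hardened parser such as defusedxml.
    root = ET.fromstring(xml_text)
    return {h.get("name"): triage_host(h) for h in root.iter("ReportHost")}


if __name__ == "__main__":
    for host, result in triage_report(SAMPLE_NESSUS).items():
        print(host, result["verdict"], result["credentialed"])
        for note in result["notes"]:
            print("   ", note)
```

Because status is reported per protocol, a "degraded" or "ok" verdict can still carry notes for another protocol, so read the notes together with the verdict.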
Summarize Local Checks Status

These plugins provide summaries of overall local checks status for the target. In the case of issues or errors logged by previous plugins, these plugins provide a list of the issues/errors logged along with the reporting plugin and protocol if available.

21745 - OS Security Patch Assessment Failed: Reports that local checks were not enabled due to an error/failure and lists the details of the errors/failures. Focus on "Local Checks Not Run" rather than the "Authentication Failure" section. While authentication failure is one failure that can cause local checks to be disabled, there are many other types of errors and failures that prevent enabling local checks.
117886 - OS Security Patch Assessment Not Available: Reports that local checks were not enabled for an informational reason and lists details.
117887 - OS Security Patch Assessment Available: Reports that local checks were enabled. If available, this includes the account and protocol used for local checks.

ADDITIONAL RESOURCES

An additional list of plugins useful for troubleshooting Nessus scans can be found here.

Win a Tenable Connect t-shirt! Official Sweepstakes Details & Rules
Log in to Tenable Connect before July 1, 2025 for a chance to win a limited edition Tenable Connect t-shirt! Each individual who logs in to the new Tenable Connect platform during the entry period will receive 1 entry into the sweepstakes. First-time community users will need to successfully complete the registration process and log in to the platform. Winners will be notified in July via the email used to log in to Tenable Connect, and need to complete the order form in order to receive their t-shirt. Full details and official rules are found here:

Tenable Community Platform Sweepstakes Official Rules

No Purchase Necessary to Enter or Win

Overview. Tenable, Inc. (“Tenable”) has created a Sweepstakes where participants will participate by logging into the new community platform (connect.tenable.com) at least one time between May 6, 2025 and July 1, 2025. Participants will need to fill-out a registration form and choose a username to complete their registration on the platform. Participant names will be tracked and drawn randomly to be selected to win a free Tenable Connect t-shirt. The Sweepstakes is sponsored by Tenable and begins on May 6, 2025, 5:00 pm EST. Entries must be submitted during the Sweepstakes Entry Period (as defined below) to Tenable in strict accordance with Tenable’s instructions and these Official Rules. Entrants are limited to a single entry during the Sweepstakes Period. Those who do not abide by these Official Rules or Tenable’s instructions or the prize fulfillment requirements may be disqualified at Tenable’s sole discretion. Tenable may keep all Entrant information after completion of the Sweepstakes for business management and record keeping purposes.

Eligibility.
The Sweepstakes is open only to all individuals who are 18 years of age or older; however, employees of Tenable and/or the immediate family (spouse, parents, siblings and children) and household members (whether related or not) of each such employee, and federal and state government employees are not eligible to win the prizes described herein. No purchase of Tenable’s products or services is necessary to participate in the Sweepstakes. All international, U.S., federal, state and local laws and regulations apply and this Sweepstakes is void where prohibited by law. Sponsor. The sponsor and administrator of this Sweepstakes is Tenable, Inc., with its place of business located at 6100 Merriweather Drive, Columbia, MD 21044, United States of America. In case of complaints or disputes, send an e-mail to legal@tenable.com with the subject line “Tenable Community Platform Sweepstakes.” Agreement to Official Rules. Participation in the Sweepstakes constitutes Entrant’s full and unconditional agreement to and acceptance of these Official Rules and the decisions of the Sponsor, which are final and binding. Winning a prize is contingent upon fulfilling all requirements set forth herein. Sweepstakes Entry Period. The Sweepstakes begins on May 6, 2025 at 12:00 pm EST and ends on July 1, 2025 at 11:59 pm EST (the “Sweepstakes Entry Period”). Entry. To enter the Sweepstakes, eligible entrants must complete a registration for and log into the new community platform (connect.tenable.com) at least one time during the Sweepstakes Entry Period. The Sweepstakes is limited to one entry per person, and multiple entries by a single Entrant may void eligibility. Winners. The winners will be selected randomly after the Sweepstakes Entry Period, with all winners selected by July 15, 2025. If a potential winner did not comply with the Official Rules of this Sweepstakes, their entry will be void and Tenable will select an alternate winner in his/her place. Prizes. 
There will be up to 100 winners receiving a Tenable t-shirt. Tenable will notify the potential winners via email to the email address that the Entrant provides during registration. In order to claim their prize, each winner will have to complete the order form within the email and provide their shirt size, contact information and a verified shipping address. The email and prize form will be through a third-party tool, Sendoso. Winners must respond and complete the form in its entirety by September 1, 2025 11:59 pm EST to claim their prize. If legitimately claimed, the prize will be awarded. All taxes, social security payments or other fees (including those applicable in your jurisdiction of primary residence) and other expenses not specified in these Official Rules as being provided as part of the prize are the sole responsibility of the winners. Winners must provide a valid address in order to receive the prize. Tenable will not replace and is not responsible for any lost, damaged, mutilated or stolen prize or any prize that is undeliverable or does not reach a winner because of an incorrect or changed address or other contact information. No transfers, prize substitutions or cash redemptions will be made. Tenable reserves the right to substitute the stated prize or portion thereof with another prize or portion thereof of equal or greater value (such as a gift card) for any reason, including, without limitation, prize unavailability. General Conditions. All federal, state and local laws apply. 
As a condition of entry, and by participating in and entering the Sweepstakes, you agree to be bound by these Official Rules and the decisions of Tenable, which shall be final and binding in all respects, and to release, discharge and hold harmless Tenable, its parents, subsidiaries, affiliates, agencies, agents and representatives from any and all claims, charges, injuries, liability, losses and/or damages of any kind caused by, resulting from or arising out of your participation in the Sweepstakes and/or your acceptance, use, misuse, loss or misdirection of a prize. Failure to comply with these Official Rules may result in disqualification from this Sweepstakes. Tenable may use a third party tool, Sendoso, to facilitate collection of Entrant’s information and selection of winners. The Sweepstakes is in no way sponsored, endorsed, or in association with Sendoso or its affiliates. Each Entrant completely releases and absolves Sendoso or its affiliate from any association or liability of this Sweepstakes. Tenable’s failure to or decision not to enforce any provision in these Official Rules will not constitute a waiver of that or any other provision. In the event there is an alleged or actual ambiguity, discrepancy or inconsistency between disclosures or other statements contained in any Sweepstakes-related materials and/or these Official Rules (including any alleged discrepancy or inconsistency in these Official Rules), it will be resolved in Tenable’s sole discretion. The invalidity or unenforceability of any provision of these Official Rules will not affect the validity or enforceability of any other provision. In the event that any provision is determined to be invalid or otherwise unenforceable or illegal, these Official Rules will otherwise remain in effect and will be construed in accordance with their terms as if the invalid or illegal provision were not contained herein. 
If the Sweepstakes is not capable of running as planned for any reason, Tenable reserves the right, in its sole discretion, to cancel, modify or suspend the Sweepstakes and award the prizes based on entries received prior to cancellation, modification, or suspension or as otherwise deemed fair and appropriate by Tenable. Privacy. Each Entrant agrees to the use of personal information submitted when they enter as detailed in Tenable’s Privacy Policy posted at: http://www.tenable.com/privacy-policy. Tenable collects personal information in order to conduct the Sweepstakes. The Entrants’ personal data may be used for the following purposes: (a) to contact potential winners; (b) in compliance with applicable laws, to send Entrants marketing communications, including via e-mail, about Tenable products and services. You should direct any request to access, update or correct information to Tenable by emailing your request to privacy@tenable.com. By participating in the Sweepstakes and accepting these Official Rules, you acknowledge and consent to the use of your data as set out above. Disclaimer, Limitation of Liability and Disputes. NOTHING IN THESE OFFICIAL RULES LIMITS, EXCLUDES OR MODIFIES OR PURPORTS TO LIMIT, EXCLUDE OR MODIFY ANY STATUTORY CONSUMER GUARANTEES OR ANY IMPLIED CONDITION OR WARRANTY, THE EXCLUSION OF WHICH FROM THESE TERMS AND CONDITIONS WOULD CONTRAVENE ANY STATUTE OR CAUSE ANY PART OF THESE OFFICIAL RULES TO BE VOID ("NON-EXCLUDABLE GUARANTEES"). SUBJECT TO THE LIMITATIONS IN THE PRECEDING SENTENCE, TENABLE EXCLUDES FROM THESE OFFICIAL RULES ALL CONDITIONS, WARRANTIES AND TERMS IMPLIED BY STATUTE, GENERAL LAW OR CUSTOM EXCEPT FOR LIABILITY IN RELATION TO A NON-EXCLUDABLE GUARANTEE. YOU AGREE THAT THE PRIZE IS PROVIDED AS-IS WITHOUT ANY WARRANTY, REPRESENTATION OR GUARANTEE, EXPRESS OR IMPLIED, IN FACT OR IN LAW, WHETHER NOW KNOWN OR HEREINAFTER ENACTED, RELATIVE TO THE USE OR ENJOYMENT OF THE PRIZE, BEYOND ANY NON-EXCLUDABLE GUARANTEES. 
IN NO EVENT SHALL THE SPONSOR BE LIABLE FOR ATTORNEY’S FEES. EXCEPT WHERE PROHIBITED, AS A CONDITION OF PARTICIPATING IN THIS SWEEPSTAKES, YOU AGREE THAT ANY AND ALL DISPUTES THAT CANNOT BE RESOLVED BETWEEN THE PARTICIPANT AND TENABLE, CLAIMS AND CAUSES OF ACTION ARISING OUT OF OR CONNECTED WITH THIS SWEEPSTAKES, OR THE PRIZE AWARDED, OR THE DETERMINATION OF THE WINNER MUST BE RESOLVED INDIVIDUALLY, WITHOUT RESORT TO ANY FORM OF CLASS ACTION. FURTHER, IN ANY SUCH DISPUTE, UNDER NO CIRCUMSTANCES WILL YOU BE PERMITTED OR ENTITLED TO OBTAIN AWARDS FOR PUNITIVE, INDIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES, OR ANY OTHER DAMAGES, INCLUDING ATTORNEYS' FEES, OTHER THAN PARTICIPANT'S ACTUAL OUT-OF-POCKET EXPENSES (IF ANY), NOT TO EXCEED ONE-HUNDRED DOLLARS (USD $100.00).

Governing Law. This Sweepstakes and any dispute arising under or related thereto (whether for breach of contract, tortious conduct or otherwise) will be governed by the internal laws of the State of Maryland, without giving effect to its conflicts of law or choice of law principles. Any legal actions, suits or proceedings related to this Sweepstakes (whether for breach of contract, tortious conduct or otherwise) will be brought exclusively in the state or federal courts located in the State of Maryland, and each participant accepts and submits to the personal jurisdiction of those courts with respect to any legal actions, suits or proceedings arising out of or related to this Sweepstakes.

Tenable Connect Guide
For more details on accessing your products, managing your contacts, and viewing your entitlements, please refer to the Tenable Account Management Portal documentation page.

For additional resources and guidance, check out our Tenable Connect demo library below.

- Tenable Connect Overview
- Logging Into Tenable Connect
- Registering for Tenable Connect
- Engaging in Tenable Connect
- Tenable Account Management Overview
- Provisioning Tenable Products

Tenable Security Center - "Plugins Out of Sync" warning explained
Rule out third-party interference

If a scanner is repeatedly and persistently returning or stuck on a 'Plugins Out of Sync' or 'Updating Plugins' status, it is possible that plugin updates to the scanner are being interrupted or blocked. Common possible causes include:

- Scanner host restarting mid-update
- Issues or interference with the network connection between Nessus and TSC
- Antivirus or endpoint protection software blocking or modifying plugin files

As some Nessus plugins utilize known exploit techniques to check for vulnerabilities, they can be flagged as threats by antivirus or endpoint protection software. Ensure that all files, folders, and processes listed in the following documentation are explicitly allowed by any endpoint protection software on the scanner host: File and Process Allowlist (Tenable Nessus)

Additionally, confirm that there is no interference at the network level, and that plugin traffic to and from the scanner is not being blocked or altered by any intervening network device (such as an IDS/IPS, firewall, or proxy).

If the issue still occurs, follow the troubleshooting steps below.

Increase Scanner Timeout in TSC

On the TSC server, check the current Scanner Timeout settings by running the following commands. Run all commands on the TSC host as root or using sudo:

    /opt/sc/support/bin/sqlite3 -header -table /opt/sc/application.db "select name,value from Configuration where name='ScannerStatusTimeout'"

Example output where the ScannerStatusTimeout limit is set to 120 (seconds):

    +----------------------+-------+
    | name                 | value |
    +----------------------+-------+
    | ScannerStatusTimeout | 120   |
    +----------------------+-------+

To modify the value, and increase the limit (in this example to 300), run the following command:

    /opt/sc/support/bin/sqlite3 /opt/sc/application.db "Update Configuration set value='300' where name='ScannerStatusTimeout'"

In some cases, more than 300 seconds may be needed.
In very narrow band scenarios (such as RF, or single channel ISDN) you may need to experiment, or test values up to the limit of 900 seconds.

Warning: Do not exceed 900 seconds (15 minutes). Doing so could cause an update loop, making TSC unstable.

Try to update the plugins for the affected scanner again in the TSC interface.

Manually update the plugins on the affected scanner

Obtain plugin download URL

If you have root access on the TSC host, the plugin download URL can be obtained by running the following command:

    PluginSubscriptionLogin=`/opt/sc/support/bin/sqlite3 /opt/sc/application.db 'SELECT value FROM Configuration WHERE name = "PluginSubscriptionLogin"'` &&
    PluginSubscriptionPassword=`/opt/sc/support/bin/sqlite3 /opt/sc/application.db 'SELECT value FROM Configuration WHERE name = "PluginSubscriptionPassword"'` &&
    echo -e '\nDownload URL:\n\nhttps://downloads.nessus.org/get.php?f=all-2.0.tar.gz&u='$PluginSubscriptionLogin'&p='$PluginSubscriptionPassword''

The output should be as follows:

    https://downloads.nessus.org/get.php?f=all-2.0.tar.gz&u=e00036c8157ed2402d05491b1d90c5df&p=d7770d12a8acfeb28e5312b95b98a1bf

Navigate to the URL in a browser to download the all-2.0.tar.gz file.

If you do not currently have shell access on the TSC host, the plugin URL can be constructed with a diagnostic report. Continue reading below. Otherwise, jump to Updating the Scanner.

In order to perform this step, you will need to generate a TSC diagnostic report to obtain the plugin download site. To download the TSC diagnostics file:

1. Log in to TSC as an admin user.
2. In the top navigation, click System, then Diagnostics.
3. Click Create Diagnostics file.
4. Once it has been completed, click Download Diagnostics file.

In this example, we will use the information found in the sc-configuration.txt file in the diagnostic report.
You will need to find the following:

    PluginActivationCode 'FTXX-67XX-C6XX-21XX-XXXX'
    PluginUpdateSite 'downloads.nessus.org'
    PluginSubscriptionStatus 'Valid'
    PluginSubscriptionLogin 'e00036c8157ed2402d05491b1d90c5df'
    PluginSubscriptionPassword 'd7770d12a8acfeb28e5312b95b98a1bf'

Note: The information above is an example only. This cannot be used for your downloads.

Once you have this, craft this into a URL to download the all-2.0.tar.gz plugin update file. The URL is constructed using the following syntax:

    https://<PluginUpdateSite>/get.php?f=all-2.0.tar.gz&u=<PluginSubscriptionLogin>&p=<PluginSubscriptionPassword>

For example:

    https://downloads.nessus.org/get.php?f=all-2.0.tar.gz&u=e00036c8357ed5102d02291b1d90c5df&p=d7770d12a8acfeb28e5312b95b98a1bf

Use this URL to download the all-2.0.tar.gz file.

Updating the Scanner

NOTE: The Nessus scanner will still need to be able to communicate directly with TSC. This only resolves issues with the initial plugin push.

Upload the all-2.0.tar.gz file to the Nessus scanner host, update with the acquired tarball, and edit the plugin_feed_info.inc in the /plugins directory:

Linux

    service nessusd stop
    /opt/nessus/sbin/nessuscli update all-2.0.tar.gz

FreeBSD

    service nessusd stop
    /usr/local/nessus/sbin/nessuscli update all-2.0.tar.gz

Mac OS X

    launchctl unload -w /Library/LaunchDaemons/com.tenablesecurity.nessusd.plist
    /Library/Nessus/run/sbin/nessuscli update all-2.0.tar.gz

Windows

Place the all-2.0.tar.gz file in C:\Program Files\Tenable\Nessus then run the following commands from an Administrator command prompt:

    net stop "Tenable Nessus"
    "C:\Program Files\Tenable\Nessus\nessuscli.exe" update all-2.0.tar.gz

Updating the plugin_feed_info.inc file

This is needed to ensure a feed error does not occur when logging into Nessus installed on a Linux or Windows host.
Add the following line to /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc:

    PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";

The end result should look similar to this:

    PLUGIN_SET = "201705191930";
    PLUGIN_FEED = "ProfessionalFeed (Direct)";
    PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";

Rebuild the plugins

Linux

    /opt/nessus/sbin/nessusd -R
    service nessusd start

FreeBSD

    /usr/local/nessus/sbin/nessusd -R
    service nessusd start

Mac OS X

    /Library/Nessus/run/sbin/nessusd -R
    launchctl load -w /Library/LaunchDaemons/com.tenablesecurity.nessusd.plist

Windows

    "C:\Program Files\Tenable\Nessus\nessusd.exe" -R
    net start "Tenable Nessus"

Once you have run this and it completes, update the status on TSC and give up to 30 minutes for the scanners to reflect a working status.

Further troubleshooting

Since a stable, fast network connection between Tenable products is mandatory for them to function correctly, the following steps will help confirm whether the current state of the connection between TSC and Nessus is sufficient to allow plugins to be transferred automatically.

Construct the plugin download URL as per Putting the download URL together of this guide. It will look similar to this:

    https://downloads.nessus.org/get.php?f=all-2.0.tar.gz&u=e00036c8357ed5102d02291b1d90c5df&p=d7770d12a8acfeb28e5312b95b98a1bf

Use curl to download the full plugin update to the TSC system and write it to a directory that is accessible over HTTP.

    curl -v 'https://downloads.nessus.org/get.php?f=all-2.0.tar.gz&u=e00036c8357ed5102d02291b1d90c5df&p=d7770d12a8acfeb28e5312b95b98a1bf' -o /opt/sc/www/html/all-2.0.tar.gz

Once the plugins have been downloaded to TSC, download them to the scanner from the HTTP accessible location. The plugin timeout was changed to 900 seconds (15 minutes) in Increase Scanner Timeout in TSC.
*nix systems

Command:

    curl -v -k 'https://myTSC/all-2.0.tar.gz' -o /tmp/all-2.0.tar.gz

Expected Output:

Windows

You can navigate to https://<TSC_IP>/all-2.0.tar.gz or run the following PowerShell command:

    Invoke-WebRequest -Uri "https://myTSC/all-2.0.tar.gz" -Headers @{"Upgrade-Insecure-Requests"="1";}

Expected Output:

Tenable is a CompTIA Pre-Approved Training Provider
As of December 9, 2024, Tenable has officially been approved as a CompTIA Pre-approved IT industry training course provider. This means our customers who earn any one of our Tenable Product certifications can now apply up to 29 CEUs toward their CompTIA Security+ CE renewal.

The certifications that qualify are:

- Tenable Vulnerability Management Specialist
- Tenable Vulnerability Management Expert
- Tenable Security Center Specialist
- Tenable Security Center Expert
- Tenable OT Security Specialist

Customers can visit https://www.certmetrics.com/comptia to apply and upload the required documentation to their CompTIA account.

Customer Care Guide
To effectively work with Tenable Customer Care, here's a breakdown of the process and key information:

Identify Your Need:

- Technical Issues: If you're experiencing problems with Tenable products (scanning errors, installation issues, product not working as expected), you'll need Technical Support.
- Non-Technical Issues: For help with order fulfillment, managing account contacts, Tenable Connect login errors, and permissions, contact Customer Care.
- Account Onboarding and Renewals: Larger accounts and accounts with complex products will be assigned a Customer Success Manager, who can assist further with onboarding, renewals, product adoption, professional services, training, sales questions, or strategic best practices. If your account has a Customer Success Manager, their contact information is displayed on the Account Management landing page.

Log in to Tenable Connect:

The primary way to interact with Tenable support is through the Tenable Connect portal: https://connect.tenable.com

You'll likely need to log in or register for an account if you haven't already. You will already have an account if:

- You are named on the Order Fulfillment email
- You have logged in to Tenable Community or Tenable Connect before

Opening a Customer Care Case (for Non-Technical Issues):

- Visit the Customer Care page on Tenable Connect: https://connect.tenable.com
- Fill out the form with your name, email, subject, and a detailed description of your request.
- You can submit a non-technical Customer Care request without logging in to Tenable Connect.
- You can also submit a non-technical Customer Care request by emailing customercare@tenable.com.
- Provide identifying information for you, your account, and your product:
  - Your email address
  - Your account’s Customer ID number
  - Product activation code, UUID, or the order number from your Order Fulfillment email.
- Provide a detailed description of the issue, including:
  - The behavior you expect.
  - The behavior you are experiencing.
  - Any error messages.
  - Steps you've already taken.
- Specify the product you are having trouble with.

Customer Care will reply by email by the end of the next business day. The Customer Care team is not currently phone-enabled.

Best Practices for Working with Tenable Support:

- Be clear and concise when describing your issue.
- Provide as much detail as possible, including steps to reproduce the problem, error messages, and the impact on your work.
- Include relevant logs and diagnostic information if applicable.
- Respond promptly to any requests for further information from the support team.
- Keep track of your case number for easy reference.
- If you have a critical technical issue (P1), call your regional Technical Support phone number for the fastest response.

By following these steps, you can effectively engage with Tenable Customer Care and Tenable Technical Support to get the assistance you need. Remember to use Tenable Connect as your primary point of contact for most issues.

List of ports in Nessus defined by Port Scan Range : default
INFORMATION

In a Nessus or Tenable Vulnerability Management scan policy, under Discovery > Port Scanning, you can define the port scan range. This field can be set to an explicit value, range, combination of both, or default. When set using the keyword 'default', the scanner will scan approximately 4,790 common ports. The list of ports can be found in the nessus-services file on the Nessus scanner. This list can change over time.

Note: 'default' is case sensitive and must be lowercase.

DETAILS

The nessus-services file can be found in these default locations on a Nessus scanner:

Windows
    C:\ProgramData\Tenable\Nessus\nessus\nessus-services

Mac
    /Library/Nessus/run/var/nessus/nessus-services

Linux
    /opt/nessus/var/nessus/nessus-services

ADDITIONAL RESOURCES

An example of the nessus-services file is attached to this article. Please note that the contents of this file are subject to change.

Previously, when creating a new scan or policy using the Internal PCI Network Scan template, by default the port scan range was set to 'common'. This is not the same as the 'default' list mentioned above. However, the Internal PCI Network Scan template now uses the default range.

Tenable Core Account Expiry
APPLIES TO

Tenable Core

OPERATING SYSTEM(S)

TenableCore

DESCRIPTION

Tenable Core, a lightly customized version of Oracle Linux 8, is hardened in accordance with security best practices including some elements of the CIS Level 1 benchmarks. One benchmark in particular has the potential to lock users out and expire their account:

    Default Security Configuration Standards 5.4.1.4 Ensure inactive password lock is 30 days or less

This requirement means that user accounts will be automatically disabled after a period of 30 days of inactivity following password expiration.

To prevent this, Tenable Core users should log in to Cockpit (port 8000) or SSH at least once every 365 days and update their account password so that it does not expire, which in turn prevents the account from becoming locked out.

INFORMATION

Please log into Tenable Connect to view the following additional resources and access more support.

If your account has already expired due to the above requirement, the following knowledge base article will help to resolve it: Unable to Sign Into Tenable Core "Authentication failed: internal-error"

For a physical hardware hosted Tenable Core instance, this may require a keyboard and monitor hooked up or serial access. If needed, steps 10-15 of the following article can be used to attach to the serial console for direct interaction: Installing a new platform via USB for Tenable OT Security Hardware Appliances

For Tenable OT Security environments, please see Leveraging the Remote Unlock Feature in Tenable Core for instructions on how to remotely unlock administrative accounts on Tenable Core machines.
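To see where an account stands against the 30-day inactive lock described in the Tenable Core Account Expiry article above, the following added example (not Tenable's own tooling) reads shadow(5)-format records and reports the days left before password expiry or account lock. It assumes standard Linux password aging fields; the sample records and the aging_report and today_days names are constructed for illustration.

```shell
#!/bin/sh
# Added example: report password-aging state from shadow(5)-format lines.
# Fields used: 1=user 3=last change 5=max age 7=inactive grace (all in days).

# Constructed sample records (not real accounts or hashes). The 365-day
# maximum age and 30-day inactive lock mirror the figures in the article.
SAMPLE_SHADOW='admin:$6$constructed:19800:0:365:7:30::
backup:$6$constructed:19500:0:365:7:30::
svc:$6$constructed:19000:0:365:7:30::
legacy:$6$constructed:19000:0:99999:7:::'

# aging_report TODAY_DAYS WARN_DAYS < shadow-format lines
# Prints "user STATE days": days left before the password expires (OK/WARN),
# days left before the account locks (EXPIRED), or days since it locked.
aging_report() {
    awk -F: -v today="$1" -v warn="$2" '
        # No last-change date or no effective maximum age: aging is off.
        $3 == "" || $5 == "" || $5 >= 99999 { print $1, "NO_AGING", "-"; next }
        {
            expires = $3 + $5                  # last day the password is valid
            grace = ($7 == "") ? -1 : $7       # -1: no inactive lock configured
            if (today <= expires) {
                left = expires - today
                print $1, (left <= warn ? "WARN" : "OK"), left
            } else if (grace < 0) {
                print $1, "EXPIRED", "-"
            } else if (today <= expires + grace) {
                print $1, "EXPIRED", expires + grace - today
            } else {
                print $1, "LOCKED", today - expires - grace
            }
        }'
}

# Days since the Unix epoch, the unit shadow(5) uses for field 3.
today_days() { echo $(( $(date +%s) / 86400 )); }

# Demo on the constructed data with a fixed "today" so output is repeatable.
# On a live host (as root): aging_report "$(today_days)" 14 < /etc/shadow
printf '%s\n' "$SAMPLE_SHADOW" | aging_report 19880 14
```

An EXPIRED account can still be recovered by changing its password before the remaining days run out; a LOCKED one needs the recovery procedure the article links to.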
About Tenable Connect Support
Support guides and resources to help you get the most out of the Tenable Connect community.
35 Articles