Tenable Research Release HighlightNessus Agent Reset Plugin and Scan Template Summary Tenable Research has released a Credentialed Scan plugin and Scan Template “Nessus 10.8.0 / 10.8.1 Agent Reset” in support of addressing the issues in the Nessus Agent 10.8.0 and 10.8.1.ChangeNew Scan Template: “Nessus 10.8.0 / 10.8.1 Agent Reset”Pre-requisite: Ensure that the agent version is set to 10.8.2 or 10.7.x in Agent Profile (for TVM) and Nessus Manager (for TSC).This Scan Template and Credentialed Scan plugin will run OS specific scripts to remotely reset the agent plugins on Windows, Mac OS or ‘Nix based Nessus Agent host machines on 10.8.0 or 10.8.1. These scripts and the permissions level each script requires are detailed in the Nessus Agent 10.8.2 Release Notes (https://docs.tenable.com/release-notes/Content/nessus-agent/2025.htm#10.8.2) under the [Perform a plugin reset] section. Notes: The Nessus Agent Reset plugin will only run from the provided Scan Template and will not reset Nessus Agents when run from any other Scan Template. For Ubuntu/Debian Unix credentials, please ensure that only one set of privilege escalation credentials are provided with the required permissions level for the OS script to execute. 13 JAN 2025 UPDATE: Please note that triggering a plugin reset will result in a large spike in network traffic. ImpactWithout this script, customers would have to logon to each Nessus Agent host and run the appropriate Nessus Agent Reset script for that host OS. Using this Scan Template and Credentialed Scan plugin, customers can run the Nessus Agent Reset scripts on each updated Nessus Agent from a Remote Credentialed Scan, with the necessary credentials and permissions, using Nessus, Nessus Manager, T.VM, and T.SC (released 08 JAN).Target Release Date07 JAN 2025

ETA on T.sc? EOD or maybe by the end of the week? Just curious as it wasn't listed.

T.SC Scan Template is in testing now. Pushing for release soonest.

You can use Nessus Manager (Nessus for Agents) if you've got one connected to SC.

Trying to understand who this benefits and how exactly. "This Scan Template and Credentialed Scan plugin will run OS specific scripts to remotely reset the agent plugins on Windows, Mac OS or ‘Nix based Nessus Agent host machines on 10.8.0 or 10.8.1. ""Without this script, customers would have to logon to each Nessus Agent host and run the appropriate Nessus Agent Reset script for that host OS after upgrading to 10.8.2. "The two statements are conflicting. Does this perform plugin resets for agent hosts on 10.8.0 or 10.8.1 (which makes sense), or does this need to be executed only after upgrading to 10.8.2. If the latter why would anyone need to utilize this scan if they're already on 10.8.2 which is listed as one of two methods to resolve the agent offline issue?https://docs.tenable.com/release-notes/Content/nessus-agent/2025.htm#10.8.2 states There are two methods you can use to recover the offline agents. Choose the method that follows your organization's agent management standards:Upgrade to 10.8.2 or downgrade to 10.7.3If your organization uses internal automation or manually updates using install packages, use the following steps to bring agents back online:Download the Tenable Nessus Agent 10.8.2 or 10.7.3 install package.OR, Perform a plugin resetWhy is a plugin reset needed if this Scan requires you to already be on 10.8.2?"This Scan Template and Credentialed Scan plugin will run OS specific scripts to remotely reset the agent plugins on Windows, Mac OS or ‘Nix based Nessus Agent host machines on 10.8.0 or 10.8.1. "Will this be a credential scan? If so does Tenable assume clients with thousands of agents all share the same user and passwords? A main benefit of using Agents is to avoid credentials. If this is a credential scan, how does this benefit clients with thousands of agents that are unable to provide thousands of credentials that they most likely won't have access to?

Corrected. Changed Without this script, customers would have to logon to each Nessus Agent host and run the appropriate Nessus Agent Reset script for that host OS after upgrading to 10.8.2.ToWithout this script, customers would have to logon to each Nessus Agent host and run the appropriate Nessus Agent Reset script for that host OS .

ibelyna

1 year ago

Tenable Research Release Highlight Nessus Agent Reset...

Tenable Research Release Highlight

Nessus Agent Reset Plugin and Scan Template

Summary

Tenable Research has released a Credentialed Scan plugin and Scan Template “Nessus 10.8.0 / 10.8.1 Agent Reset” in support of addressing the issues in the Nessus Agent 10.8.0 and 10.8.1.

Change

New Scan Template: “Nessus 10.8.0 / 10.8.1 Agent Reset”
Pre-requisite: Ensure that the agent version is set to 10.8.2 or 10.7.x in Agent Profile (for TVM) and Nessus Manager (for TSC).

This Scan Template and Credentialed Scan plugin will run OS specific scripts to remotely reset the agent plugins on Windows, Mac OS or ‘Nix based Nessus Agent host machines on 10.8.0 or 10.8.1. These scripts and the permissions level each script requires are detailed in the Nessus Agent 10.8.2 Release Notes (https://docs.tenable.com/release-notes/Content/nessus-agent/2025.htm#10.8.2) under the [Perform a plugin reset] section.

Notes:

The Nessus Agent Reset plugin will only run from the provided Scan Template and will not reset Nessus Agents when run from any other Scan Template.
For Ubuntu/Debian Unix credentials, please ensure that only one set of privilege escalation credentials are provided with the required permissions level for the OS script to execute.
13 JAN 2025 UPDATE: Please note that triggering a plugin reset will result in a large spike in network traffic.

Impact

Without this script, customers would have to logon to each Nessus Agent host and run the appropriate Nessus Agent Reset script for that host OS. Using this Scan Template and Credentialed Scan plugin, customers can run the Nessus Agent Reset scripts on each updated Nessus Agent from a Remote Credentialed Scan, with the necessary credentials and permissions, using Nessus, Nessus Manager, T.VM, and T.SC (released 08 JAN).

Target Release Date

07 JAN 2025

Target

Tenable Research

17 Replies

george_grayston
Connect Contributor
1 year ago
ETA on T.sc? EOD or maybe by the end of the week? Just curious as it wasn't listed.
- cezar1
  Connect Captain
  1 year ago
  You can use Nessus Manager (Nessus for Agents) if you've got one connected to SC.
ibelyna
1 year ago
T.SC Scan Template is in testing now. Pushing for release soonest.
gerron_thurman
Connect Contributor
1 year ago
Trying to understand who this benefits and how exactly.
"This Scan Template and Credentialed Scan plugin will run OS specific scripts to remotely reset the agent plugins on Windows, Mac OS or ‘Nix based Nessus Agent host machines on 10.8.0 or 10.8.1. "
"Without this script, customers would have to logon to each Nessus Agent host and run the appropriate Nessus Agent Reset script for that host OS after upgrading to 10.8.2. "
The two statements are conflicting. Does this perform plugin resets for agent hosts on 10.8.0 or 10.8.1 (which makes sense), or does this need to be executed only after upgrading to 10.8.2. If the latter why would anyone need to utilize this scan if they're already on 10.8.2 which is listed as one of two methods to resolve the agent offline issue?
https://docs.tenable.com/release-notes/Content/nessus-agent/2025.htm#10.8.2 states
There are two methods you can use to recover the offline agents. Choose the method that follows your organization's agent management standards:
Upgrade to 10.8.2 or downgrade to 10.7.3
If your organization uses internal automation or manually updates using install packages, use the following steps to bring agents back online:
Download the Tenable Nessus Agent 10.8.2 or 10.7.3 install package.
OR, Perform a plugin reset
Why is a plugin reset needed if this Scan requires you to already be on 10.8.2?
"This Scan Template and Credentialed Scan plugin will run OS specific scripts to remotely reset the agent plugins on Windows, Mac OS or ‘Nix based Nessus Agent host machines on 10.8.0 or 10.8.1. "
Will this be a credential scan? If so does Tenable assume clients with thousands of agents all share the same user and passwords? A main benefit of using Agents is to avoid credentials. If this is a credential scan, how does this benefit clients with thousands of agents that are unable to provide thousands of credentials that they most likely won't have access to?
ibelyna
1 year ago
Corrected.
Changed
Without this script, customers would have to logon to each Nessus Agent host and run the appropriate Nessus Agent Reset script for that host OS after upgrading to 10.8.2.
To
Without this script, customers would have to logon to each Nessus Agent host and run the appropriate Nessus Agent Reset script for that host OS .
steve_j_ketchum
Connect Contributor
1 year ago
The plugin for Nessus Agent 2025 Refresh is now available. It is Nessus Plugin number 213497. Might be a good idea to do a manual active plugin update.
Still don't know how beneficial it will be without agents being online and able to receive the plugin database update.
- stephane_grunds
  Connect Contributor
  1 year ago
  The only way I think this can be useful, is if you have a remote nessus scanners (not an agent), and perform a credentialled scan. This will be able to log in, and reset the plugins.
  - steve_j_ketchum
    Connect Contributor
    1 year ago
    Understood. The only reason we are using agents is for remote workers without network connectivity except via VPN which Tenable documentation states you should avoid for various reasons. Plus we have centralized IT Security, but decentralized IT which makes this more difficult.
mitangi_k_mehta
Connect Contributor II
1 year ago
We tested a network scan using a Nessus (Cluster) Manager and it does work.
sean_sparks
Connect Contributor
1 year ago
These scripts and the permissions level each script requires are detailed in the Nessus Agent 10.8.2 Release Notes
I cannot seem to locate the permission level and script details in the linked release notes?
arkanter
Connect Contributor
1 year ago
tested as well-- here are the two results I got from running this credentialled scan on ten pilot machines:
result 1: agents remained at 10.8.1 and offline
The Tenable Nessus Agent installed at C:\Program Files\Tenable\Nessus Agent was unsuccessfully reset:
Nessus Agent Service not currently running. Unable to continue.
result 2: agent remained at 10.8.1 and online
The Tenable Nessus Agent installed at C:\Program Files\Tenable\Nessus Agent was successfully reset:
Plugin Reset process completed successfully.
chinmay_kulkarn
Connect Contributor
1 year ago
I believe, from experience, that if teams and organizations have deployed and are running Nessus agents on servers and workstations, they will not have accounts for Nessus scanners to run credentialed scans.
phillip_kim
Connect Contributor
1 year ago
Hello! Quick question, how does Tenable refresh the plugin for the listed versions if the scanners are appearing offline on the platform? In short, how does it still communicate with the agent? Thank you.