Forum Discussion
Tenable Research Release Highlight Nessus Agent Reset...
Tenable Research Release Highlight
Nessus Agent Reset Plugin and Scan Template
Summary
Tenable Research has released a Credentialed Scan plugin and Scan Template “Nessus 10.8.0 / 10.8.1 Agent Reset” in support of addressing the issues in the Nessus Agent 10.8.0 and 10.8.1.
Change
- New Scan Template: “Nessus 10.8.0 / 10.8.1 Agent Reset”
- Pre-requisite: Ensure that the agent version is set to 10.8.2 or 10.7.x in Agent Profile (for TVM) and Nessus Manager (for TSC).
This Scan Template and Credentialed Scan plugin will run OS specific scripts to remotely reset the agent plugins on Windows, Mac OS or ‘Nix based Nessus Agent host machines on 10.8.0 or 10.8.1. These scripts and the permissions level each script requires are detailed in the Nessus Agent 10.8.2 Release Notes (https://docs.tenable.com/release-notes/Content/nessus-agent/2025.htm#10.8.2) under the [Perform a plugin reset] section.
Notes:
- The Nessus Agent Reset plugin will only run from the provided Scan Template and will not reset Nessus Agents when run from any other Scan Template.
- For Ubuntu/Debian Unix credentials, please ensure that only one set of privilege escalation credentials are provided with the required permissions level for the OS script to execute.
- 13 JAN 2025 UPDATE: Please note that triggering a plugin reset will result in a large spike in network traffic.
Impact
Without this script, customers would have to logon to each Nessus Agent host and run the appropriate Nessus Agent Reset script for that host OS. Using this Scan Template and Credentialed Scan plugin, customers can run the Nessus Agent Reset scripts on each updated Nessus Agent from a Remote Credentialed Scan, with the necessary credentials and permissions, using Nessus, Nessus Manager, T.VM, and T.SC (released 08 JAN).
Target Release Date
07 JAN 2025
17 Replies
Trying to understand who this benefits and how exactly.
"This Scan Template and Credentialed Scan plugin will run OS specific scripts to remotely reset the agent plugins on Windows, Mac OS or ‘Nix based Nessus Agent host machines on 10.8.0 or 10.8.1. "
"Without this script, customers would have to logon to each Nessus Agent host and run the appropriate Nessus Agent Reset script for that host OS after upgrading to 10.8.2. "
The two statements are conflicting. Does this perform plugin resets for agent hosts on 10.8.0 or 10.8.1 (which makes sense), or does this need to be executed only after upgrading to 10.8.2. If the latter why would anyone need to utilize this scan if they're already on 10.8.2 which is listed as one of two methods to resolve the agent offline issue?
https://docs.tenable.com/release-notes/Content/nessus-agent/2025.htm#10.8.2 states
There are two methods you can use to recover the offline agents. Choose the method that follows your organization's agent management standards:
- Upgrade to 10.8.2 or downgrade to 10.7.3
- If your organization uses internal automation or manually updates using install packages, use the following steps to bring agents back online:
- Download the Tenable Nessus Agent 10.8.2 or 10.7.3 install package.
OR, Perform a plugin reset
Why is a plugin reset needed if this Scan requires you to already be on 10.8.2?
"This Scan Template and Credentialed Scan plugin will run OS specific scripts to remotely reset the agent plugins on Windows, Mac OS or ‘Nix based Nessus Agent host machines on 10.8.0 or 10.8.1. "
Will this be a credential scan? If so does Tenable assume clients with thousands of agents all share the same user and passwords? A main benefit of using Agents is to avoid credentials. If this is a credential scan, how does this benefit clients with thousands of agents that are unable to provide thousands of credentials that they most likely won't have access to?
T.SC Scan Template is in testing now. Pushing for release soonest.
ETA on T.sc? EOD or maybe by the end of the week? Just curious as it wasn't listed.
You can use Nessus Manager (Nessus for Agents) if you've got one connected to SC.
