Tenable Research Release HighlightNessus Agent Reset Plugin and Scan Template Summary Tenable Research has released a Credentialed Scan plugin and Scan Template “Nessus 10.8.0 / 10.8.1 Agent Reset” in support of addressing the issues in the Nessus Agent 10.8.0 and 10.8.1.ChangeNew Scan Template: “Nessus 10.8.0 / 10.8.1 Agent Reset”Pre-requisite: Ensure that the agent version is set to 10.8.2 or 10.7.x in Agent Profile (for TVM) and Nessus Manager (for TSC).This Scan Template and Credentialed Scan plugin will run OS specific scripts to remotely reset the agent plugins on Windows, Mac OS or ‘Nix based Nessus Agent host machines on 10.8.0 or 10.8.1. These scripts and the permissions level each script requires are detailed in the Nessus Agent 10.8.2 Release Notes (https://docs.tenable.com/release-notes/Content/nessus-agent/2025.htm#10.8.2) under the [Perform a plugin reset] section. Notes: The Nessus Agent Reset plugin will only run from the provided Scan Template and will not reset Nessus Agents when run from any other Scan Template. For Ubuntu/Debian Unix credentials, please ensure that only one set of privilege escalation credentials are provided with the required permissions level for the OS script to execute. 13 JAN 2025 UPDATE: Please note that triggering a plugin reset will result in a large spike in network traffic. ImpactWithout this script, customers would have to logon to each Nessus Agent host and run the appropriate Nessus Agent Reset script for that host OS. Using this Scan Template and Credentialed Scan plugin, customers can run the Nessus Agent Reset scripts on each updated Nessus Agent from a Remote Credentialed Scan, with the necessary credentials and permissions, using Nessus, Nessus Manager, T.VM, and T.SC (released 08 JAN).Target Release Date07 JAN 2025

ETA on T.sc? EOD or maybe by the end of the week? Just curious as it wasn't listed.

T.SC Scan Template is in testing now. Pushing for release soonest.

You can use Nessus Manager (Nessus for Agents) if you've got one connected to SC.

Trying to understand who this benefits and how exactly. "This Scan Template and Credentialed Scan plugin will run OS specific scripts to remotely reset the agent plugins on Windows, Mac OS or ‘Nix based Nessus Agent host machines on 10.8.0 or 10.8.1. ""Without this script, customers would have to logon to each Nessus Agent host and run the appropriate Nessus Agent Reset script for that host OS after upgrading to 10.8.2. "The two statements are conflicting. Does this perform plugin resets for agent hosts on 10.8.0 or 10.8.1 (which makes sense), or does this need to be executed only after upgrading to 10.8.2. If the latter why would anyone need to utilize this scan if they're already on 10.8.2 which is listed as one of two methods to resolve the agent offline issue?https://docs.tenable.com/release-notes/Content/nessus-agent/2025.htm#10.8.2 states There are two methods you can use to recover the offline agents. Choose the method that follows your organization's agent management standards:Upgrade to 10.8.2 or downgrade to 10.7.3If your organization uses internal automation or manually updates using install packages, use the following steps to bring agents back online:Download the Tenable Nessus Agent 10.8.2 or 10.7.3 install package.OR, Perform a plugin resetWhy is a plugin reset needed if this Scan requires you to already be on 10.8.2?"This Scan Template and Credentialed Scan plugin will run OS specific scripts to remotely reset the agent plugins on Windows, Mac OS or ‘Nix based Nessus Agent host machines on 10.8.0 or 10.8.1. "Will this be a credential scan? If so does Tenable assume clients with thousands of agents all share the same user and passwords? A main benefit of using Agents is to avoid credentials. If this is a credential scan, how does this benefit clients with thousands of agents that are unable to provide thousands of credentials that they most likely won't have access to?

Corrected. Changed Without this script, customers would have to logon to each Nessus Agent host and run the appropriate Nessus Agent Reset script for that host OS after upgrading to 10.8.2.ToWithout this script, customers would have to logon to each Nessus Agent host and run the appropriate Nessus Agent Reset script for that host OS .

ibelyna

9 months ago

Tenable Research Release Highlight Nessus Agent Reset...

Tenable Research Release Highlight

Nessus Agent Reset Plugin and Scan Template

Summary

Tenable Research has released a Credentialed Scan plugin and Scan Template “Nessus 10.8.0 / 10.8.1 Agent Reset” in support of addressing the issues in the Nessus Agent 10.8.0 and 10.8.1.

Change

New Scan Template: “Nessus 10.8.0 / 10.8.1 Agent Reset”
Pre-requisite: Ensure that the agent version is set to 10.8.2 or 10.7.x in Agent Profile (for TVM) and Nessus Manager (for TSC).

This Scan Template and Credentialed Scan plugin will run OS specific scripts to remotely reset the agent plugins on Windows, Mac OS or ‘Nix based Nessus Agent host machines on 10.8.0 or 10.8.1. These scripts and the permissions level each script requires are detailed in the Nessus Agent 10.8.2 Release Notes (https://docs.tenable.com/release-notes/Content/nessus-agent/2025.htm#10.8.2) under the [Perform a plugin reset] section.

Notes:

The Nessus Agent Reset plugin will only run from the provided Scan Template and will not reset Nessus Agents when run from any other Scan Template.
For Ubuntu/Debian Unix credentials, please ensure that only one set of privilege escalation credentials are provided with the required permissions level for the OS script to execute.
13 JAN 2025 UPDATE: Please note that triggering a plugin reset will result in a large spike in network traffic.

Impact

Without this script, customers would have to logon to each Nessus Agent host and run the appropriate Nessus Agent Reset script for that host OS. Using this Scan Template and Credentialed Scan plugin, customers can run the Nessus Agent Reset scripts on each updated Nessus Agent from a Remote Credentialed Scan, with the necessary credentials and permissions, using Nessus, Nessus Manager, T.VM, and T.SC (released 08 JAN).

Target Release Date

07 JAN 2025

Target

Tenable Research

17 Replies

bjones2115
8 months ago
Is there any thought to developing plugin that can be used to relink and agent that is unlinked from nessus manager? Restart the service if not runnings etc .. That would be really helpful.....
omanon
8 months ago
Is there a video that shows how to configure the 10.8.0/10.8.1 scan? I am clueless about the credential part.
fernando_castil
9 months ago
So just to confirm, if someone can please... If I update to 10.8.2, or down to 10.7.3, will that alone fix everything, or do i still need to run a credentialed scan and run that plugin reset scan job?
phillip_kim
Connect Contributor
9 months ago
Hello! Quick question, how does Tenable refresh the plugin for the listed versions if the scanners are appearing offline on the platform? In short, how does it still communicate with the agent? Thank you.
chinmay_kulkarn
Connect Contributor
9 months ago
I believe, from experience, that if teams and organizations have deployed and are running Nessus agents on servers and workstations, they will not have accounts for Nessus scanners to run credentialed scans.
arkanter
Connect Contributor
9 months ago
tested as well-- here are the two results I got from running this credentialled scan on ten pilot machines:
result 1: agents remained at 10.8.1 and offline
The Tenable Nessus Agent installed at C:\Program Files\Tenable\Nessus Agent was unsuccessfully reset:
Nessus Agent Service not currently running. Unable to continue.
result 2: agent remained at 10.8.1 and online
The Tenable Nessus Agent installed at C:\Program Files\Tenable\Nessus Agent was successfully reset:
Plugin Reset process completed successfully.
sean_sparks
Connect Contributor
9 months ago
These scripts and the permissions level each script requires are detailed in the Nessus Agent 10.8.2 Release Notes
I cannot seem to locate the permission level and script details in the linked release notes?
mitangi_k_mehta
Connect Contributor
9 months ago
We tested a network scan using a Nessus (Cluster) Manager and it does work.
steve_j_ketchum
Connect Contributor
9 months ago
The plugin for Nessus Agent 2025 Refresh is now available. It is Nessus Plugin number 213497. Might be a good idea to do a manual active plugin update.
Still don't know how beneficial it will be without agents being online and able to receive the plugin database update.
- stephane_grunds
  Connect Contributor
  9 months ago
  The only way I think this can be useful, is if you have a remote nessus scanners (not an agent), and perform a credentialled scan. This will be able to log in, and reset the plugins.
  - gerron_thurman
    Connect Contributor
    9 months ago
    Similar situation. We're using agents to avoid credential scans for thousands of VMs. I hope a security vendor doesn't assume all clients have the same credentials across thousands of environments.
ibelyna
9 months ago
Corrected.
Changed
Without this script, customers would have to logon to each Nessus Agent host and run the appropriate Nessus Agent Reset script for that host OS after upgrading to 10.8.2.
To
Without this script, customers would have to logon to each Nessus Agent host and run the appropriate Nessus Agent Reset script for that host OS .