Recently Viewed Topics
You can use Assessment settings to configure how a scan identifies vulnerabilities, as well as what vulnerabilities are identified. This includes identifying malware, assessing the vulnerability of a system to brute force attacks, and the susceptibility of web applications.
The Assessment settings include the following sections:
The Tenable.io interface provides descriptions of each option. The Custom option displays different Assessment settings depending on the selected template.
Basic Network Scan
Basic Web App Scan
Internal PCI Network Scan
|Modbus/TCP Coil Access||
Modbus uses a function code of 1 to read coils in a Modbus slave. Coils represent binary output settings and are typically mapped to actuators. The ability to read coils may help an attacker profile a system and identify ranges of registers to alter via a write coil message.
Start at Register
The register at which to start scanning.
|End at Register||16||The register at which to stop scanning.|
|ICCP/COTP TSAP Addressing Weakness||
The ICCP/COTP TSAP Addressing menu determines a Connection Oriented Transport Protocol (COTP) Transport Service Access Points (TSAP) value on an ICCP server by trying possible values.
|Start COTP TSAP||8||Specifies the starting TSAP value to try. Tenable.io tries all values between the Start and Stop values.|
|Stop COTP TSAP||8||Specifies the ending TSAP value to try. Tenable.io tries all values between the Start and Stop values.|
By default, Tenable.io does not scan web applications. When you first access the Web Application section, the Scan Web Applications setting appears and is set to Off. To modify the Web Application settings listed on the following table, click the Off button. The rest of the settings appear.
The Web Applications section includes the following groups of settings:
|Disable DNS resolution||Disabled||Checking this option prevents Tenable.io from using the cloud to compare scan findings against known malware.|
|Hash and Whitelist Files|
|Provide your own list of known bad MD5 hashes||None||
A text file with one MD5 hash per line that specifies additional known bad MD5 hashes.
Optionally, you can include a description for a hash by adding a comma after the hash, followed by the description. If any matches are found when scanning a target, the description appears in the scan results. You can also use hash-delimited comments (e.g., #) in addition to comma-delimited comments.
|Provide your own list of known good MD5 hashes||None||
A text file with one MD5 hash per line that specifies additional known good MD5 hashes.
Optionally, you can include a description for each hash by adding a comma after the hash, followed by the description. If any matches are found when scanning a target, and a description was provided for the hash, the description appears in the scan results. You can also use hash-delimited comments (e.g., #) in addition to comma-delimited comments.
|Hosts file whitelist||None||
Tenable.io checks system hosts files for signs of a compromise (e.g., Plugin ID 23910 titled Compromised Windows System (hosts File Check)). This option allows you to upload a file containing a list of IPs and hostnames you want Tenable.io to ignore during a scan. Include one IP and one hostname (formatted identically to your hosts file on the target) per line in a regular text file.
|File System Scanning|
|Scan file system||Off||
Turning on this option allows you to scan system directories and files on host computers.
Caution: Enabling this setting in scans targeting 10 or more hosts could result in performance degradation.
|Custom Filescan Directories||None||A custom file that lists directories to be scanned by malware file scanning. List each directory on one line.|
|Yara Rules File||None||A .yar file containing the YARA rules to be applied in the scan. You can only upload one file per scan, so include all rules in a single file. For more information, see yara.readthedocs.io.|