Detecting Ports and Services

Open ports can pose a security risk if they are associated with services that have known vulnerabilities, or if they are unintentionally exposed to the internet. Ports and services must be regularly audited and monitored to ensure only necessary services are accessible and they are adequately protected against potential threats. Secure design includes the concept of least privilege and minimizing the attack surface, including the identification of unprotected ports and services. Disable unused and unprotected ports and services to reduce the attack surface and minimize risk.

Detecting Ports

Tenable Nessus does not scan all ports by default. To scan all ports edit the scan policy, under Discovery –> Port Scanning.

The port scan range can be set to an explicit value, range, combination of both, or default. When set using the keyword 'default,' the scanner scans approximately 4,790 common ports. This can be set to ‘all’ to scan all 65,536 ports (including port 0). The list of ports can be found in the nessus-services file on the Tenable Nessus scanner. This list can change over time.

Note: There are risks associated with scanning all ports, as some sensitive devices may react abnormally. Ensure that you are aware of the devices you are scanning by altering this setting.