About Tenable Nessus Network Monitor Plugins
Tenable Nessus Network Monitor has two sources of plugin information: the .prmx
and .prm
plugin libraries in the plugins
directory.
Tenable distributes its passive vulnerability plugin database in an encrypted format. The encrypted file is named tenable_plugins.prmx
and, if necessary, can be updated daily. Tenable Nessus Network Monitor plugins written by the customer or third parties have the .prm
extension.
Tenable has also implemented passive fingerprinting technology based on the open-source SinFP
tool. With permission from the author, Tenable includes the database of passive operating system fingerprints for the fingerprinting technology in this distribution of Tenable Nessus Network Monitor.
Writing Custom Plugins
Tenable Nessus Network Monitor customers can write their own passive plugins, which are added into the plugins
directory in the Tenable Nessus Network Monitor installation directory. The plugin must end with a .prm
extension to be visible by Tenable Nessus Network Monitor.
Note: You must restart Tenable Nessus Network Monitor if:
-
You add a new custom plugin to the
plugins
directory. Tenable Nessus Network Monitor does not fire the plugin until you restart. -
You delete a
.prm
file manually from theplugins
directory. Tenable Nessus Network Monitor continues to fire the plugin until you restart.