Plaintext Authentication Credentials

Caution: Tenable does not recommend using plaintext credentials. Use encrypted authentication methods when possible.

If a secure method of performing credentialed checks is not available, you can force Nessus to attempt checks over insecure protocols by using the Plaintext Authentication options.

This menu allows the Nessus scanner to use credentials when testing HTTP, NNTP, FTP, POP2, POP3, IMAP, IPMI, telnet/rsh/rexec, and SNMPv1/v2c.

By supplying credentials, Nessus can perform more extensive checks to determine vulnerabilities. Nessus uses the supplied HTTP credentials for Basic and Digest authentication only.

Credentials for FTP, IPMI, NNTP, POP2, and POP3 require only a username and password.

HTTP

There are four different types of HTTP Authentication methods: Automatic authentication, Basic/Digest authentication, HTTP login form, and HTTP cookies import.

HTTP Global Settings

Each option is listed with its default value.

Login method (default: POST): Specify whether the login action is performed via a GET or POST request.

Re-authenticate delay (seconds) (default: 0): The time delay between authentication attempts. This is useful to avoid triggering brute force lockout mechanisms.

Follow 30x redirections (# of levels) (default: 0): If a 30x redirect code is received from a web server, this setting determines whether, and through how many levels, Nessus follows the link provided.

Invert authenticated regex (default: Disabled): A regex pattern to look for on the login page that, if found, tells Nessus authentication was not successful (for example, Authentication failed!).

Use authenticated regex on HTTP headers (default: Disabled): Rather than search the body of a response, Nessus can search the HTTP response headers for a given regex pattern to determine the authentication state more accurately.

Case insensitive authenticated regex (default: Disabled): The regex searches are case sensitive by default. This instructs Nessus to ignore case.

Authentication methods

Automatic authentication: Username and password required.

Basic/Digest authentication: Username and password required.

HTTP Login Form

The HTTP login page settings provide control over where authenticated testing of a custom web-based application begins.

Username: Login user's name.

Password: Password of the user specified.

Login page: The absolute path to the login page of the application (for example, /login.html).

Login submission page: The action parameter for the form method. For example, for the login form <form method="POST" name="auth_form" action="/login.php">, the login submission page would be /login.php.

Login parameters: Specify the authentication parameters (for example, login=%USER%&password=%PASS%). If you use the keywords %USER% and %PASS%, they are substituted with the values supplied in the Login configurations drop-down box. You can use this field to provide more than two parameters if required (for example, when a group name or some other piece of information is required for the authentication process).

Check authentication on page: The absolute path of a protected web page that requires authentication (for example, /admin.html). Nessus requests this page to determine the authentication status.

Regex to verify successful authentication: A regex pattern to look for on the login page. Simply receiving a 200 response code is not always sufficient to determine session state, so Nessus can instead attempt to match a given string such as "Authentication successful!".
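The following is an added example, not Nessus code, that models how the HTTP login form settings and the regex options above combine: it fills the %USER%/%PASS% template, submits the form to the login submission page, fetches the check page, and decides the authentication state with the regex (optionally inverted, case-insensitive, or run over headers). The target application, its credentials and its pages are constructed stand-ins so the code runs offline.

```python
import re

# Added example (not Nessus code): models how the HTTP login form options fit
# together. The target web app is a constructed stand-in; nothing touches the network.
FAKE_USERS = {"alice": "s3cret"}  # constructed credentials for the stand-in app

def fake_app(method, path, params, cookies):
    """Constructed target: POST /login.php issues a session cookie; /admin.html needs it."""
    if method == "POST" and path == "/login.php":
        if FAKE_USERS.get(params.get("login")) == params.get("password"):
            return 200, {"Set-Cookie": "session=ok; Path=/"}, "<p>Authentication successful!</p>"
        return 200, {}, "<p>Authentication failed!</p>"  # a failed login is still HTTP 200
    if path == "/admin.html" and cookies.get("session") == "ok":
        return 200, {"X-User": "alice"}, "<h1>Admin Console</h1>"
    return 200, {}, "<p>Authentication failed! Please log in.</p>"

def build_login_params(template, username, password):
    """Fill %USER% and %PASS% in a Login parameters template such as login=%USER%&password=%PASS%."""
    pairs = (pair.split("=", 1) for pair in template.split("&"))
    return {k: v.replace("%USER%", username).replace("%PASS%", password) for k, v in pairs}

def auth_state(status, headers, body, regex, invert=False, on_headers=False, ignore_case=False):
    """Apply the regex options to the check page. With no regex this example falls back to
    the status code alone (an assumption here), which is the weak check the text warns about."""
    if not regex:
        return status == 200
    haystack = "\n".join(f"{k}: {v}" for k, v in headers.items()) if on_headers else body
    found = re.search(regex, haystack, re.IGNORECASE if ignore_case else 0) is not None
    return not found if invert else found  # inverted regex: a match means the login failed

def form_login(cfg, username, password):
    """Run the flow the settings describe: submit the form, then fetch the check page."""
    params = build_login_params(cfg["login_parameters"], username, password)
    _, hdrs, _ = fake_app(cfg["login_method"], cfg["login_submission_page"], params, {})
    cookies = {}
    if "Set-Cookie" in hdrs:  # minimal Set-Cookie parse: name=value before the first ';'
        name, value = hdrs["Set-Cookie"].split(";")[0].split("=", 1)
        cookies[name] = value
    status, hdrs, body = fake_app("GET", cfg["check_page"], {}, cookies)
    return auth_state(status, hdrs, body, cfg.get("regex", ""), cfg.get("invert", False),
                      cfg.get("on_headers", False), cfg.get("ignore_case", False))

CONFIG = {  # mirrors the example values given in the table above
    "login_method": "POST", "login_submission_page": "/login.php",
    "login_parameters": "login=%USER%&password=%PASS%",
    "check_page": "/admin.html", "regex": "Admin Console",
}

if __name__ == "__main__":
    print(form_login(CONFIG, "alice", "s3cret"), form_login(CONFIG, "alice", "wrong"))
```

Setting regex to an empty string in CONFIG shows the pitfall the text describes: the wrong password still yields a 200 and would be reported as authenticated.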

HTTP cookies import

To facilitate web application testing, Nessus can import HTTP cookies from another piece of software (for example, browser, web proxy, etc.) with the HTTP cookies import settings. You can upload a cookie file so that Nessus uses the cookies when attempting to access a web application. The cookie file must be in Netscape format.
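The Netscape cookie file format named above is the tab-separated cookies.txt layout (domain, include-subdomains flag, path, secure flag, expiry as epoch seconds with 0 for a session cookie, name, value; comment lines begin with #). The following added example, not Nessus code, validates such a file before it is uploaded, reporting malformed lines and cookies that have already expired, since those would be silently ignored by the target; the sample file is constructed.

```python
import time

# Added example (not Nessus code): checks a Netscape-format cookies.txt before upload,
# flagging malformed lines and cookies that have already expired.
FIELDS = ("domain", "subdomains", "path", "secure", "expires", "name", "value")

def parse_netscape_cookies(text, now=None):
    """Parse cookies.txt text and return (cookies, problems).
    Each data line has 7 tab-separated fields: domain, include-subdomains flag,
    path, secure flag, expiry (epoch seconds, 0 = session cookie), name, value."""
    now = time.time() if now is None else now
    cookies, problems = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.rstrip("\r\n")
        if not line.strip():
            continue
        httponly = line.startswith("#HttpOnly_")  # marker curl/wget write for HttpOnly cookies
        if line.startswith("#") and not httponly:
            continue  # comment or the "# Netscape HTTP Cookie File" header
        parts = (line[len("#HttpOnly_"):] if httponly else line).split("\t")
        if len(parts) != 7:
            problems.append(f"line {lineno}: expected 7 tab-separated fields, got {len(parts)}")
            continue
        c = dict(zip(FIELDS, parts))
        if c["subdomains"] not in ("TRUE", "FALSE") or c["secure"] not in ("TRUE", "FALSE"):
            problems.append(f"line {lineno}: flag fields must be TRUE or FALSE")
            continue
        try:
            c["expires"] = int(c["expires"])
        except ValueError:
            problems.append(f"line {lineno}: expiry must be an integer epoch timestamp")
            continue
        if 0 < c["expires"] < now:
            problems.append(f"line {lineno}: cookie {c['name']!r} expired; the target will ignore it")
            continue
        c["httponly"] = httponly
        c["subdomains"], c["secure"] = c["subdomains"] == "TRUE", c["secure"] == "TRUE"
        cookies.append(c)
    return cookies, problems

SAMPLE = "\n".join([  # constructed cookies.txt, not captured from a real application
    "# Netscape HTTP Cookie File",
    "app.example.test\tFALSE\t/\tTRUE\t4102444800\tsession\tabc123",
    "#HttpOnly_app.example.test\tFALSE\t/\tTRUE\t0\tcsrf\tdeadbeef",
    ".example.test\tTRUE\t/\tFALSE\t946684800\tlegacy\told",
    "broken line without tabs",
])

if __name__ == "__main__":
    kept, issues = parse_netscape_cookies(SAMPLE)
    print([c["name"] for c in kept], issues)
```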

NNTP

Username (Required, no default): The username for the NNTP account that Tenable Nessus uses to perform checks on the target system.
Password (Required, no default): The password for the NNTP user.

FTP

Username (Required, no default): The username for the FTP account that Tenable Nessus uses to perform checks on the target system.
Password (Required, no default): The password for the FTP user.

POP2

Username (Required, no default): The username for the POP2 account that Tenable Nessus uses to perform checks on the target system.
Password (Required, no default): The password for the POP2 user.

POP3

Username (Required, no default): The username for the POP3 account that Tenable Nessus uses to perform checks on the target system.
Password (Required, no default): The password for the POP3 user.

IMAP

Username (Required, no default): The username for the IMAP account that Tenable Nessus uses to perform checks on the target system.
Password (Required, no default): The password for the IMAP user.

IPMI

Username (Required, no default): The username for the IPMI account that Tenable Nessus uses to perform checks on the target system.
Password (sent in clear) (Required, no default): The password for the IPMI user.

telnet/rsh/rexec

The telnet/rsh/rexec authentication section also takes a username and password, but it has additional Global Settings that let you perform patch audits over any of these three protocols.

SNMPv1/v2c

SNMPv1/v2c configuration allows you to use community strings for authentication to network devices. You can configure up to four SNMP community strings.

Community string (Required, default: public): The community string Tenable Vulnerability Management uses to authenticate on the host device.

Global Credential Settings

UDP Port (Required, default: 161): The UDP port that SNMPv1/v2c listens on for communications from Tenable Nessus.
Additional UDP port #1
Additional UDP port #2
Additional UDP port #3