Miscellaneous
This section includes information and settings for credentials in the Miscellaneous section.
ADSI
ADSI requires the domain controller information, domain, and domain admin and password.
ADSI allows Nessus to query an ActiveSync server to determine if any Android or iOS-based devices are connected. Using the credentials and server information, Nessus authenticates to the domain controller (not the Exchange server) to directly query it for device information. This feature does not require any ports be specified in the scan policy. These settings are required for mobile device scanning.
| Option | Description |
|---|---|
|
Domain Controller |
(Required) Name of the domain controller for ActiveSync |
|
Domain |
(Required) Name of the Windows domain for ActiveSync |
|
Domain Admin |
(Required) Domain admin’s username |
|
Domain Password |
(Required) Domain admin’s password |
Nessus supports obtaining the mobile information from Exchange Server 2010 and 2013 only; Nessus cannot retrieve information from Exchange Server 2007.
F5
| Option | Description |
|---|---|
| Username | (Required) Username for a scanning account on the F5 target. |
| Password | (Required) Password associated with the scanning account. |
| Port |
Port to use when connecting to the F5 target. |
| HTTPS | When enabled, connect using secure communication (HTTPS). When disabled, connect using standard HTTP. |
| Verify SSL Certificate | Verify that the SSL certificate is valid. If you are using a self-signed certificate, disable this setting. |
IBM iSeries
| Option | Description |
|---|---|
| Username | (Required) An iSeries username. |
| Password | (Required) An iSeries password. |
Netapp API
| Option | Description |
|---|---|
| Username | (Required) Username for an account on the Netapp system that has HTTPS access. |
| Password | (Required) Password associated with the account. |
| vFiler | If this setting is blank, the scan audits for all discovered Netapp virtual filers (vFilers) on target systems. To limit the audit to a single vFiler, type the name of the vFiler. |
| Port | Ports to scan on target systems. Type a comma-separated list of port numbers. |
OpenStack
| Option | Description |
|---|---|
| Username | (Required) Username for an account on the OpenStack deployment. |
| Password | (Required) Password associated with the account. |
| Tenant Name for Authentication | (Required) Name of the specific tenant the scan uses to authenticate. A tenant (also known as a project) is a group of resources that can be controlled by users in the tenant. |
| Port | (Required) Port that the scanner uses to connect to OpenStack. |
| HTTPS | When enabled, connect using secure communication (HTTPS). When disabled, connect using standard HTTP. |
| Verify SSL Certificate | Verify that the SSL certificate is valid. If you are using a self-signed certificate, disable this setting. |
Palo Alto Networks PAN-OS
| Option | Description |
|---|---|
| Username | (Required) The PAN-OS username. |
| Password | (Required) The Pan-OS password. |
| Port | (Required) The management port number. |
| HTTPS | Whether Tenable.io authenticates over an encrypted (HTTPS) or an unencrypted (HTTP) connection. |
| Verify SSL Certificate | Verify that the SSL certificate is valid. If the target is using a self-signed certificate, disable this setting. |
Red Hat Enterprise Virtualization (RHEV)
| Option | Description |
|---|---|
|
Username |
Username to login to the RHEV server. This is a required field. |
|
Password |
Username to the password to login to the RHEV server. This is a required field. |
|
Port |
Port to connect to the RHEV server. |
|
Verify SSL Certificate |
Verify that the SSL certificate for the RHEV server is valid. |
VMware ESX SOAP API
Access to VMware servers is available through its native SOAP API. VMware ESX SOAP API allows you to access the ESX and ESXi servers via username and password. Additionally, you have the option of not enabling SSL certificate verification:
| Option | Description |
|---|---|
|
Username |
Username to login to the ESXi server. This is a required field. |
|
Password |
Username to the password to login to the ESXi server. This is a required field. |
|
Do not verify SSL Certificate |
Do not verify that the SSL certificate for the ESXi server is valid. |
VMware vCenter SOAP API
VMware vCenter SOAP API allows you to access vCenter.
| Credential | Description |
|---|---|
|
vCenter Host |
(Required) Name of the vCenter host. |
|
vCenter Port |
Port to access the vCenter host. |
|
Username |
(Required) Username to login to the vCenter server. |
|
Password |
(Required) Username to the password to login to the vCenter server. |
|
HTTPS |
Connect to the vCenter via SSL. |
|
Verify SSL Certificate |
Verify that the SSL certificate for the ESXi server is valid. |
X.509
| Option | Description |
|---|---|
|
Client certificate |
(Required) The client certificate. |
| Client key | (Required) The client private key. |
| Password for key | (Required) The passphrase for the key. |
| CA certificate to trust | (Required) The trusted Certificate Authority's (CA) digital certificate. |