You are here: Nessus Manager and Professional > User Management Commands > Add a User > Network and Port Rules

TOC & Recently Viewed

Recently Viewed Topics

Network and Port Rules

To configure Nessus network scanning rules, the syntax is the following:

accept|reject address/netmask:ports

The address/netmask is in CIDR notation. For example, this will not let a user scan any IP address in the /24 (standard class C) network:

reject 10.42.123.0/24

For example, this will let a user scan any IP address in the /8 (standard class A) network:

accept 10.1.1.0/8

Additionally, you can define ports or a port range to be allowed or denied certain ports. For example, to forbid connecting to port 80 for 10.0.0.1:

reject 10.0.0.1:80

For example, to allow connecting to ports 8000 - 10000 for any host in the 192.168.0.0/24 subnet:

accept 192.168.0.0/24:8000-10000

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.