All,

Andrew has asked me that I configure Nessus for our Weber scan. I just wanted to post the suggested settings and solicit input from those of you that also use Nessus. Chuck, I know USU uses Nessus extensively, so maybe you have some recommendations, especially for an organization of a larger scale.

*Port Scanning Settings:* Port Scan Range: all Consider Unscanned Ports as Closed: false Nessus SNMP Scanner: true Nessus UDP scanner: true netstat portscanner (SSH): false Ping the remote host: true Netstat Portscanner (WMI): false Nessus TCP scanner: true Nessus SYN scanner: false

*Performance:* Max Checks Per Host: 5 Max Hosts Per Scan: 100 Network Receive Timeout: 5 Max Simultaneous TCP Sessions: unlimited Max Simultaneous TCP Sessions Per Scan: unlimited Reduce Parallel Connections on Congestion: true Use Kernel Congestion Detection: true

*Advanced:* Safe Checks: true Silent Dependencies: true Log Scan Details to Server: true Stop Host Scan on Disconnect: true Avoid Sequential Scans: false Designate Hosts by their DNS Name: false

*Plugins*: All enabled except for Denial of Service.

*Preferences:* Do not scan fragile devices: Scan Network Printers: false Scan Novell Netware hosts: true

All other preferences have the default values.