検出スキャン設定

When enabled, if a port is not scanned with a selected port scanner (for example, the port falls outside of the specified range), the scanner considers it closed.

Specifies the range of ports to be scanned.

The supported ranges are:

• default — Instructs the scanner to scan approximately 4,790 commonly used ports specified in the nessus-services file. You can also combine the default keyword with other ports and port ranges.

  Note: You can convert the nessus-services file to a custom list of ports by performing four consecutive regular expression (regex) replace-all operations in a text editor that supports such operations:

  • .*\s+(\d+)\/(tcp|udp)(\r\n|\r|\n) to $1\/$2,

  • (\d+)\/(tcp|udp) to $2:$1

  • tcp to T

  • udp to U

  You can find the nessus-services file in the following directories, depending on your operating system:

  • Linux — /opt/nessus/var/nessus/nessus-services

  • Windows — C:\ProgramData\Tenable\Nessus\nessus\nessus-services

  • macOS — /Library/Nessus/run/var/nessus/nessus-services

• all — Instructs the scanner to scan all 65,536 ports, including port 0. You cannot combine the all keyword with other ranges.

• A comma-separated list of ports (for example, 21,23,25,80,110), port ranges (for example, 1-1024,9000-9200 or 1-65535 to scan all ports but 0 and T:1-1024,U:300-500 or 1-1024,T:1024-65535,U:1025 to scan separate or overlapping TCP and UDP port ranges), or combinations thereof.

If you disable the UDP, SYN, or TCP port scanner settings in the scan policy Discovery settings, those ports are not scanned despite what range of ports you specify. The UDP and TCP port scanner settings are disabled by default; the SYN port scanner setting is enabled by default.

When enabled, the scanner uses netstat to check for open ports from the local machine. It relies on the netstat command being available via an SSH connection to the target. This scan is intended for Linux-based systems and requires authentication credentials. To use this setting, you must first configure SSH Credentials.

When enabled, the scanner uses netstat to determine open ports while performing a WMI-based scan.

In addition, the scanner:

• Ignores any custom range specified in the Port Scan Range setting.
• Continues to treat unscanned ports as closed if the Consider unscanned ports as closed setting is enabled.

If any port enumerator (netstat or SNMP) is successful, the port range becomes all. To use this setting, you must first configure Windows Credentials.

When enabled, if the appropriate credentials are provided by the user, the scanner can better test the remote host and produce more detailed audit results. For example, there are many Cisco router checks that determine the vulnerabilities present by examining the version of the returned SNMP string. This information is necessary for these audits.

When this setting is enabled, the scanner relies on local port enumeration before relying on network port scans. If a local port enumerator runs, all network port scanners are disabled for the asset.

When this setting is disabled, the scanner performs network port scans regardless of the local port enumeration status.

When enabled, if a local port enumerator (for example, WMI or netstat) finds a port, the scanner also verifies that the port is open remotely. This approach helps determine if some form of access control is being used (for example, TCP wrappers or a firewall).

Use the built-in Tenable Nessus TCP scanner to identify open TCP ports on the targets, using a full TCP three-way handshake. If you enable this option, you can also set the Override Automatic Firewall Detection option.

Use the built-in Tenable Nessus SYN scanner to identify open TCP ports on the target hosts. SYN scans do not initiate a full TCP three-way handshake. The scanner sends a SYN packet to the port, waits for SYN-ACK reply, and determines the port state based on a response or lack of response.

If you enable this option, you can also set the Override Automatic Firewall Detection option.

This setting can be enabled if you enable either the TCP or SYN option.

When enabled, this setting overrides automatic firewall detection.

This setting has three options:

• Use aggressive detection attempts to run plugins even if the port appears to be closed. It is recommended that this option not be used on a production network.

• Use soft detection disables the ability to monitor how often resets are set and to determine if there is a limitation configured by a downstream network device.

• Disable detection disables the firewall detection feature.

This option engages the built-in Tenable Nessus UDP scanner to identify open UDP ports on the targets.

Due to the nature of the protocol, it is generally not possible for a port scanner to tell the difference between open and filtered UDP ports. Enabling the UDP port scanner may dramatically increase the scan time and produce unreliable results. Consider using the netstat or SNMP port enumeration options instead if possible.