You're reading from Network Scanning Cookbook Practical network security using Nmap and Nessus 7

Product type Paperback

Published in Sep 2018

Publisher Packt

ISBN-13 9781789346480

Length 304 pages

Edition 1st Edition

Tools

Nessus

Concepts

Network Security

Author (1):

Sairam Jetty

View More author details

Table of Contents (10) Chapters

Preface

1. Introduction to Network Vulnerability Scanning FREE CHAPTER

2. Understanding Network Scanning Tools

3. Port Scanning

4. Vulnerability Scanning

5. Configuration Audits

6. Report Analysis and Confirmation

7. Understanding the Customization and Optimization of Nessus and Nmap

8. Network Scanning for IoT, SCADA/ICS

9. Other Books You May Enjoy

Leave a review - let other readers know what you think

Understanding the Nessus Audit policy and its customization

The Nessus Audit files consist of custom XML-based rules which are needed to perform configuration audit for various platforms. These files allow the user to perform value and regex-based comparisons of the current configuration and determine the gaps present. In general, it is expected that these audit files are prepared in line with the industry standard baselines so that the actual compliance gaps are shown and the administration team can work on hardening and compliance at the same time. A custom audit file is to be saved with the extension .audit.

The following is a generic syntax of a check in the audit files:

<item>
 name                       : " "
 description            :  " "
 info                           : " "
 value                        : " "
</item>

We will...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

Jetty

Sairam Jetty has more than 5 years of hands-on experience in many verticals of penetration testing, compliance, digital forensics, and malware research. He is currently working with Paladion Networks, Abu Dhabi, as a senior analyst and team lead. He has assisted and associated with various financial, telecom, and industrial institutions for testing and securing their applications and environments. Sairam has industry-standard certifications, such as OSCP, Digital Forensic Analyst, Digital Forensic Investigator, and Mobile Security Expert. He also specializes in source code review and mobile application security. He has acquired a great knowledge of SCADA/ICS and nuclear security from his corporate experience and self-learning.

See other products by Jetty