Nessus Compliance Checks Auditing System Configurations and Content
Pages: 38
Size: 1.3 MB
Format: PDF


Tenable Network Security, Inc. • 7063 Columbia Gateway Drive, Suite 100, Columbia, MD 21046 • 410.872.0555 • [email protected] • www.tenable.com

Copyright © 2002-2012 Tenable Network Security, Inc. Tenable Network Security, Nessus and ProfessionalFeed are registered trademarks of Tenable Network Security, Inc. Tenable, the Tenable logo, the Nessus logo, and/or other Tenable products referenced herein are trademarks of Tenable Network Security, Inc., and may be registered in certain jurisdictions. All other product names, company names, marks, logos, and symbols may be the trademarks of their respective owners.

Nessus Compliance Checks

Auditing System Configurations and Content

August 30, 2012

(Revision 61)


Table of Contents

Introduction

Prerequisites

Nessus ProfessionalFeed and SecurityCenter Customers

Standards and Conventions

Compliance Standards

Configuration Audits, Data Leakage and Compliance

What is an audit?

Audit vs. Vulnerability Scan

Example Audit Items

Windows

Unix

Cisco

IBM iSeries

Databases

Audit Reports

Technology Required

Unix and Windows Configuration Compliance .nbin Nessus Plugins

Windows Content Compliance .nbin Nessus Plugin

Database Compliance .nbin Nessus Plugin

IBM iSeries Compliance .nbin Nessus Plugin

Cisco Compliance .nbin Nessus Plugin

Audit Policies

Helpful Utilities

Unix or Windows Nessus Scanners

Credentials for Devices to be Audited

Using "su", "sudo" and "su+sudo" for Audits

sudo Example

su+sudo Example

Important Note Regarding sudo

Cisco IOS Example:

Converting Windows .inf Files to .audit Files with i2a

Obtaining and Installing the Tool

Converting the .inf to .audit

Analyzing the Conversion

Correct .inf Setting Format

Converting Unix Configuration Files to .audit Files with c2a

Obtaining and Installing the Tool

Create a MD5 Audit File

Create Audit File Based on One or More Configuration Files

Creating a MAP File

Other Uses for the c2a Tool

Manual Tweaking of the .audit Files

Converting Unix Package Lists to .audit Files with p2a

Obtaining and Installing the Tool


Usage

Create Output File Based on all Installed Packages

Create Output File Based on Package List and Send to the Screen

Create Audit File Based on a Specified Input File

Example Nessus User Interface Usage

Obtaining the Compliance Checks

Configuring a Scanning Policy

Performing a Scan

Example Results

Example Nessus for Unix Command Line Usage

Obtaining the Compliance Checks

Using .nessus Files

Using .nessusrc Files

Performing a Scan

Example Results

SecurityCenter Usage

Obtaining the Compliance Checks

Configuring a Scan Policy to Perform a Compliance Audit

Managing Credentials

Analyzing the Results

For Further Information

About Tenable Network Security
