PVS 4.2 User Guide



cpe: Filter the results of discovered vulnerabilities based on their CPE identifier.

Match: This keyword specifies a set of one or more simple ASCII patterns that must be present in order for the more complex pattern analysis to take place. The match keyword gives PVS a lot of its performance and functionality.

Regex: This keyword specifies a complex regular expression search rule that will be applied to the network session.

Revision: Revision number associated with custom plugin.

Raw Text Preview: A preview of the custom plugin in raw text.

Example of a custom plugin created to find an IMAP Banner of Tenable Rocks:

id=79000
name=IMAP Banner
description=An IMAP server is running on this port. Its banner is Tenable Rocks
risk=NONE
match=OK
match=IMAP
match=server ready
regex=^.*OK.*IMAP.*Tenable Rocks
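How the match pre-filter gates the regex, as an added example that is not Tenable's code or part of the original guide: it models only what the text states (every match pattern must be present before the regex is applied), using the IMAP banner plugin above. The names parse_plugin and evaluate and the sample banners are constructed for illustration.

```python
import re

# The IMAP banner plugin from the guide, written one keyword per line.
PLUGIN_TEXT = """\
id=79000
name=IMAP Banner
description=An IMAP server is running on this port. Its banner is Tenable Rocks
risk=NONE
match=OK
match=IMAP
match=server ready
regex=^.*OK.*IMAP.*Tenable Rocks
"""

def parse_plugin(text):
    """Parse key=value lines; 'match' may repeat, so it is kept as a list."""
    plugin = {"match": []}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if not sep:
            continue  # skip blank or non key=value lines
        if key == "match":
            plugin["match"].append(value)
        else:
            plugin[key] = value
    return plugin

def evaluate(plugin, payload):
    """Return 'hit', 'regex-miss' or 'match-miss' for one session payload."""
    # Cheap pre-filter: every simple ASCII pattern must be present.
    if not all(pattern in payload for pattern in plugin["match"]):
        return "match-miss"  # the regex is never run for this payload
    # Only now is the more expensive regular expression applied.
    if re.search(plugin["regex"], payload):
        return "hit"
    return "regex-miss"

# Constructed sample banners (hypothetical, not captured traffic).
SAMPLES = [
    "* OK IMAP4rev1 server ready - Tenable Rocks\r\n",
    "* OK IMAP4rev1 server ready\r\n",
    "220 mail.example.test ESMTP ready\r\n",
]

PLUGIN = parse_plugin(PLUGIN_TEXT)
RESULTS = [evaluate(PLUGIN, sample) for sample in SAMPLES]

if __name__ == "__main__":
    for sample, result in zip(SAMPLES, RESULTS):
        print(f"{result:11} {sample.strip()}")
```

The second banner passes all three match patterns but fails the regex, which is the case to check when a custom plugin's match lines are broader than its regex.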

Manage the PVS Interface

Monitoring

The following instructions explain how to perform the actions available on the Monitoring page.

Filter Results

1. In the Hosts, Vulnerabilities, Applications, Operating Systems, or Connections section, in the upper right corner, click the Filter <section name> drop-down box.

2. Type the criteria by which you want to filter results directly into the box.

-or-

Click the button in the box.

The Filter Results window appears.

3. Configure the filter options as necessary, and click the Apply Filters button.

On-the-fly filter results cannot be exported. If you want to export filter results, you will need to configure the filter(s) in the Filter Results window. Additionally, on-the-fly filter results are not stored when a user navigates to another page in PVS.

Export Results

1. In the Dashboards section, in the upper right corner, click the Actions drop-down box.

Copyright © 2015. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc.

SecurityCenter, Passive Vulnerability Scanner, and Log Correlation Engine are trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.

2. Select Export Results.

The Export Results screen appears.

3. Configure the export options as necessary, and click the Export button.

An automatic download will begin, and you can save the report from the web browser.

On-the-fly filter results cannot be exported. If you want to export filter results, you will need to configure the filter(s) in the Filter Results window.

Rearrange Charts

1. In the Dashboards section, select the heading of the chart that you want to reposition.

2. Move the chart to a different location on the dashboard, and release the pointer.

The chart is moved, and the dashboard configuration is saved for your user account.

Set a Range for a Dashboard

1. In the Dashboards section, in the upper left corner, click the drop-down box.

2. In the drop-down menu, you can do one of the following:

• Select one of the preset time intervals.

• Select a beginning and end date from the available calendars, and specify a time associated with each date.

• Manually enter dates in the two text boxes with the format YYYY/MM/DD, and specify a time associated with each date.

All the charts on the page are refreshed to reflect the selected time interval.

Refresh a Dashboard

1. In the Dashboards section, in the upper right corner, click the button.

All of the charts on the page are refreshed.

Additionally, selecting Dashboards on the left side of the Monitoring page or refreshing your web browser will refresh all the charts on the page.

Refresh an Individual Chart

1. In the Dashboards section, in the upper right corner of the chart that you want to refresh, click the button.

The selected chart is refreshed.

Remove a Chart from a Dashboard

1. In the Dashboards section, in the upper right corner of the chart that you want to remove, click the button.

The selected chart is removed from the dashboard.

Results

The following instructions explain how to perform the actions available on the Results page.

Upload a Report/Pcap

1. On the Results page, in the upper right corner, click the Upload drop-down box.

2. Select Report or Pcap.

Depending on your selection, the Upload Results or Upload Pcap window appears, where you can select a file to upload.

3. After you have selected a file, click the Upload button.

The report or pcap appears at the top of the Listing Results list on the Results page.

Filter Results

1. On the Results page, in the upper right corner, click the Filter Results drop-down box.

2. Select Snapshot, Manual, or Pcap.

The Listing Results list will be filtered by the report type that you selected.

Users

The following instructions explain how to perform the actions available on the Users page.

Create a New User

1. On the Users page, in the upper right corner, click the New User button.

The New User window appears.

2. Enter the new user information as needed.

Note: The username is case sensitive, and the password must conform to the minimal PVS password policy.

3. If you want the new user to have administrative privileges, then select the Administrator check box.

When you create a user who will authenticate with SSL Client Certificates, the user name must match the Common Name in the certificate.

4. Click the Create User button.

The user is saved, and appears in the Listing Users area.

Modify a User Account

Before You Begin

In order to modify a user’s account, you must access PVS using an account with administrative privileges.

Steps

1. On the Users page, select a user from the list.

The Edit User <username> window appears.

2. Modify the properties as needed, and click the Update button.

Additionally, a user account's password can be reset from the command line interface by issuing the following command for your operating system from the pvs binary directory:

./pvs --users --chpasswd admin

Reset a Locked Account

Before You Begin

In order to unlock a user account, you must access PVS using an account with administrative privileges.

Steps

1. On your Linux operating system, use the following command:

# rm /opt/pvs/var/pvs/users/<locked account name>/hash.lockedout

-or-

On your Mac operating system, use the following command:

# rm /Library/PVS/var/pvs/users/<locked account name>/hash.lockedout

-or-

On your Windows operating system, use the following command:

del C:\ProgramData\Tenable\PVS\pvs\users\<locked_account_name>\hash.lockedout

Alternatively, a user with administrative privileges can navigate to this directory and manually delete the hash.lockedout file.

2. After deleting the hash.lockedout file, if needed, an administrative user can follow the steps under Modify a User Account to reset the user’s password.

Delete a User

1. On the Users page, hover over the user you want to delete.

On the right side of the row, the button appears.

2. To delete the user, click the button.

A dialog box appears, confirming your selection to delete the user.

3. Click the Delete button.

The user is deleted.

Configuration

The following instructions explain how to perform the actions available on the Configuration page.

Download New Vulnerability Plugins

Before You Begin

When PVS is registered in Standalone mode using an Activation code, plugins are updated automatically every 24 hours after the service is started.

If SecurityCenter is being used to manage PVS, new plugins for PVS will automatically be sent at scheduled intervals and the PVS Proxy will restart PVS as needed.

Steps

1. Access the Feed Settings section.

2. Under the Feed Registration & Plugin Update heading, click the Update Plugins button.

The plugins may be updated from the command line using the following command:

# pvs --update-plugins

Create a Custom Chart

1. Access the Chart Settings section.

2. In the upper right corner, click the Create Chart button.

The Create Chart window appears.

3. Enter a name and description for the chart.

In this example, we are creating a dashboard to display the top vulnerabilities for machines reporting associated BitTorrent activity.

4. In the Chart Type section, select the type of chart that you want to display.

5. In the Dashboard Family section, enter a numeric value between 1 and 20 that will represent the number of items returned for this chart. Click the text Top to add this value to the Current Chart Query section.

6. In the Category section, select a chart category, which will determine the type of items that will be displayed on the chart, such as hosts, vulnerabilities, applications, operating systems, or connections.

7. In the Filter section, configure the options by which you want to filter the results, and then select the + button to apply the rule to the chart.

In this example, a filter based on the Plugin ID 3920 was created, which triggers when BitTorrent client activity is detected.

8. In the Viewable section, select whether you want the chart to be viewable on the main dashboard.

9. Click the Create Chart button. The chart will appear in the Dashboards section of the Monitoring page.
