If you have always-on connection to the Internet, automatic Nessus database update is the preferred method. For the manual method, here is the command to update your Nessus plugins : After several time, depending on your Internet connection speed, the update process is done.Next, you might want to check your Nessus Plugin Feed version, to make sure that you have update it correctly.You will also need the Plugin ID #64455 (see below) and support audit on ESXi 4.x and 5.x, as well as v Center 4.x and 5 Vmware @ view=single&id=64455 This Plugin implements the VMware SOAP API to audit ESX, ESXi, and v Center software For free scanner, probably - Nexpose (Community) - one yr licence @ https://community.rapid7.com/community/nexpose?The below pdf is useful @ https://support.tenable.com/support-center/nessus_compliance_Also another document that drill into the syntax (if it is of interest) used to create custom .audit files that can be used to audit the configuration of Unix, Windows, database, SCADA, IBM i Series, and Cisco systems against a compliance policy as well as search the contents of various systems for sensitive content.The Appendix has example of audit and even the use of makign a XML into a .audit with xsltproc @ https://support.tenable.com/support-center/nessus_compliance_Specifically on VMware (see pg154) , nessus .audit already has supports three types of checks namely AUDIT_VM, AUDIT_ESX and AUDIT_VCENTER.
241907 files and directories currently installed.) Preparing to replace nessus 5.0.3 (using Nessus-5.2.0-debian6_amd64.deb) …
Is there anyway to see/export a list of the exact checks a nessus .audit (compliance checks) file is going to go through without nessus? they have a website that lets you browse their plugins, but I was interested in seeing what certain .audit files were actually checking for.
If you use nessus and have run the .audit files, can you chose/exclude certain checks from the list of checks it runs?
It is written in NASL (Nessus Attack Scripting Language).
There are currently 25638 different plugins used by Nessus, covering local and remote flaws.