
"Configuring a Windows host for Nessus credentialed scans typically requires more effort compared to Linux systems. While Linux hosts often allow seamless authentication via SSH, Windows introduces additional layers such as authentication models, UAC restrictions, firewall configurations, and service dependencies that must be properly aligned for successful host scanning. The following configuration was performed in a laboratory setup where the Nessus scanner operated on a Kali Linux machine (192.168.50.50) and the target Windows Server was hosted at 192.168.50.10 in a virtual environment."
"When a Windows server is not joined to a domain, a local account must be created and configured with administrative privileges to support credentialed checks.

1. Creating a Local Administrator Account

By default, Windows uses the Guest only model, which causes all remote logins to authenticate as guests. This prevents remote vulnerability audits such as Nessus host scans from succeeding. To prevent this, the security model must be changed to Classic - local users authenticate as themselves."
Windows hosts require specific configuration to allow Nessus credentialed scans, including the correct authentication model, an administrative account, reachable administrative SMB shares, and suitable firewall and service settings. The lab setup used a Kali Linux Nessus scanner at 192.168.50.50 and a Windows Server at 192.168.50.10. For standalone (non-domain) servers, a local administrative account must be created and the network access sharing and security model policy must be changed from Guest only to Classic so that local users authenticate as themselves. The administrative shares ADMIN$, C$, and IPC$ must be accessible to the scanner. Additional steps include adjusting UAC, adding firewall rules, and ensuring the required services are running before the credentialed scan is launched.
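The prerequisite checks described above, as an added example that is not code from the article: a read-only PowerShell script, run in an elevated session on the target server, that reports whether each setting is in the state a credentialed scan needs. The registry value names, service names and firewall rule display name are the standard Windows ones and are assumptions of this example, not values quoted from the article; the scanner address 192.168.50.50 comes from the lab description.

```powershell
# Constructed example: read-only check of the prerequisites for a Nessus
# credentialed scan of a standalone (non-domain) Windows Server.
# Run in an elevated PowerShell session on the target host; nothing is changed.
$ScannerAddress = '192.168.50.50'   # Kali/Nessus host from the lab setup
$results = [System.Collections.Generic.List[object]]::new()
function Add-Check([string]$Name, [bool]$Ok, [string]$Detail) {
    $results.Add([pscustomobject]@{ Check = $Name; OK = $Ok; Detail = $Detail })
}

# 1. Sharing and security model for local accounts (assumed registry location):
#    ForceGuest = 1 is "Guest only", 0 is "Classic - local users authenticate as themselves".
$lsa = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' -ErrorAction SilentlyContinue
$forceGuest = if ($null -ne $lsa.ForceGuest) { [int]$lsa.ForceGuest } else { 0 }
Add-Check 'Security model is Classic' ($forceGuest -eq 0) "ForceGuest=$forceGuest"

# 2. UAC remote restrictions (assumed registry location): LocalAccountTokenFilterPolicy = 1
#    lets a local administrator account keep a full token when it connects over the network.
$pol = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System' -ErrorAction SilentlyContinue
$tokenFilter = if ($null -ne $pol.LocalAccountTokenFilterPolicy) { [int]$pol.LocalAccountTokenFilterPolicy } else { 0 }
Add-Check 'UAC remote token filtering disabled for local admins' ($tokenFilter -eq 1) "LocalAccountTokenFilterPolicy=$tokenFilter"

# 3. Administrative shares ADMIN$, C$ and IPC$ must exist.
$shares = (Get-SmbShare -ErrorAction SilentlyContinue).Name
foreach ($s in 'ADMIN$', 'C$', 'IPC$') {
    Add-Check "Share $s present" ($shares -contains $s) ''
}

# 4. Services the scan depends on: Server (SMB) and Remote Registry.
foreach ($svc in 'LanmanServer', 'RemoteRegistry') {
    $state = (Get-Service -Name $svc -ErrorAction SilentlyContinue).Status
    Add-Check "Service $svc running" ($state -eq 'Running') "Status=$state"
}

# 5. Firewall: an enabled SMB-In rule is required; as a least-exposure check we also
#    report whether its remote scope is limited to the scanner rather than Any.
$rules = Get-NetFirewallRule -DisplayName 'File and Printer Sharing (SMB-In)' -ErrorAction SilentlyContinue |
         Where-Object { $_.Enabled -eq 'True' }
Add-Check 'SMB-In firewall rule enabled' ($null -ne $rules) ''
if ($rules) {
    $remotes = @(($rules | Get-NetFirewallAddressFilter).RemoteAddress)
    $scoped = @($remotes | Where-Object { $_ -ne $ScannerAddress }).Count -eq 0
    Add-Check 'SMB-In rule scoped to scanner only' $scoped ("RemoteAddress=" + ($remotes -join ','))
}

$results | Format-Table -AutoSize
```

Any row reporting OK = False points at the specific setting to adjust; re-run the script after the scan to confirm temporary changes such as a widened firewall scope were reverted.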
Read at Medium