"Credentialed scans on Windows systems often fail due to blocked ports, misconfigured firewalls or limited account privileges. When this happens, Nessus may be unable to perform the necessary authenticated checks through SMB or WMI, resulting in incomplete scan results. The following walkthrough outlines the key steps and observations made while resolving such issues during a real-world scan exercise. 1. Initial Network Assessment to Check Reachability Before initiating a credentialed scan, network connectivity between the Nessus scanner and the target host should be verified."
"In this scenario, a preliminary port scan was conducted. However, the commonly used management ports (135 and 445) did not appear in the results. This indicated that the host was reachable but not allowing inbound connections on these ports. The issue was traced to the host's firewall which was filtering or blocking access to the required SMB and RPC services."
Credentialed Windows vulnerability scans often fail when SMB and RPC ports are blocked, when host firewalls are misconfigured, or when scanner accounts lack privileges. Confirm network connectivity between the scanner and target before starting credentialed scans. Perform a preliminary port scan to verify reachability and presence of management ports such as 135, 139 and 445. If management ports are absent, adjust host inbound firewall rules to allow SMB traffic. Re-run scans and verify port status via SYN scans. If ports remain filtered, check network-level controls (firewall, IPS/IDS) and whitelist the scanner IP range. Validate SMB access and authenticated checks after connectivity is restored.
Read at Medium
Unable to calculate read time
Collection
[
|
...
]