1. Home
  2. Network Vulnerabilities
  3. How to remediate – Port scanners settings
Searching...

How to remediate – Port scanners settings

Contents

1. Introduction

Port scanners settings relate to the configuration options used by network scanning tools like Nessus. Incorrectly configured port scanners do not directly create a security risk, but can lead to inaccurate results and missed vulnerabilities. This affects systems running any service accessible via TCP or UDP ports. A business could be exposed to undetected threats if scans are incomplete or misleading. The likely impact is low on confidentiality, integrity, and availability as this issue concerns the accuracy of scanning rather than direct exploitation.

2. Technical Explanation

This plugin manages global variables for Nessus port scanners. It doesn’t actively check security; it only sets options that influence how scans are performed. There is no root cause to exploit as this is a configuration setting, not a flaw. An attacker cannot directly exploit this. The scope of impact is limited to the accuracy and completeness of Nessus scan results.

  • Root cause: Configuration settings for port scanning tools.
  • Exploit mechanism: Not applicable; no exploitation path exists.
  • Scope: Nessus scanners, and systems scanned by them.

3. Detection and Assessment

Confirming the scanner is configured correctly involves reviewing its global settings. There isn’t a specific vulnerability to detect, but you can check for unusual or overly restrictive configurations.

  • Quick checks: Check the Nessus user interface under Settings > Global Preferences to review scan options.
  • Scanning: Not applicable; this is not a vulnerability that scanners detect.
  • Logs and evidence: Review Nessus logs for unusual scan behaviour or errors related to port scanning settings, if any.
# No command available as this relates to UI configuration.

4. Solution / Remediation Steps

Review and adjust the global variables in your Nessus scanner to ensure comprehensive scan coverage. These steps focus on verifying appropriate settings, not fixing a flaw.

4.1 Preparation

  • Dependencies: Ensure you have administrator access to the Nessus scanner. Roll back by restoring the previous configuration backup if needed.
  • Change window needs: Changes can be made during normal business hours, but review is advised.

4.2 Implementation

  1. Step 1: Log in to the Nessus web interface as an administrator.
  2. Step 2: Navigate to Settings > Global Preferences.
  3. Step 3: Review scan options such as port range, scan speed and concurrency. Ensure these are appropriate for your network environment.
  4. Step 4: Save any changes made to the global preferences.

4.3 Config or Code Example

Before

# Default scan settings may be too restrictive for some environments.  Example: Limited port range.

After

# Adjust port range to cover all common ports (1-65535) if required. Example: Port Range = 1-65535

4.4 Security Practices Relevant to This Vulnerability

Regular review of security tools and their configurations is key. Accurate scanning relies on correct settings, so consistent checks are important.

  • Practice 1: Configuration management ensures scanners remain correctly configured over time.

4.5 Automation (Optional)

Not applicable; this configuration is best managed through the Nessus web interface. Scripting changes could introduce errors.

# No script available as this relates to UI configuration.

5. Verification / Validation

Confirm the fix worked by running a test scan and verifying it covers all expected ports. Check that no ports are being missed due to incorrect settings.

  • Post-fix check: Run a Nessus scan against a known target and verify it reports on all open ports.
  • Re-test: Re-run the earlier configuration review to confirm settings have not reverted.
  • Monitoring: Review Nessus logs for any errors related to port scanning or incomplete scans.
# No command available as this relates to UI configuration and scan results review.

6. Preventive Measures and Monitoring

Regularly update security baselines to include appropriate scanner configurations. Incorporate checks in deployment pipelines to ensure settings are consistent across environments, for example by documenting the expected configuration.

  • Baselines: Update a security baseline or policy with recommended Nessus scan settings.
  • Pipelines: Add documentation checks during deployments to verify correct scanner configurations.
  • Asset and patch process: Review scanner configurations periodically as part of your asset management cycle.

7. Risks, Side Effects, and Roll Back

Incorrectly configured scanners may cause network performance issues or generate excessive alerts. Always test changes in a non-production environment first.

  • Risk or side effect 1: Overly aggressive scans can impact network performance. Mitigation: Limit scan speed and concurrency.
  • Risk or side effect 2: Incorrect settings may miss vulnerabilities. Mitigation: Regularly review configuration and test scan coverage.
  • Roll back: Restore the previous Nessus configuration backup if needed.

8. References and Resources

Updated on December 27, 2025

Was this article helpful?

Yes No

Related Articles