On Oct 2, 2008, at 8:10 PM, Chilcott, Mike wrote: > Using the Nessus Client I created many (approx 85) .nessus > files, because we have large Class B network – and I wanted to space > out each of the scans over a couple of days. I then created .sh > files and placed them into the crontab to run at scheduled times and > days. If I run them with the default scan everything works, but I > want to make better use of the product, and am stumped… > I used the baseline scan policy of Microsoft Patches, and only > selected the Microsoft patches for 06, 07, and 08. We have a > standard software image so I really don’t need to scan for the other > miscellaneous software, so I then save this policy as “new ms > patches” – now here is where I am stumped – I want all 85 of > these .nessus files to use this new ms patches policy and next month > when MS comes out with 4 patches I am going to have to go into each > of those 85 files to select the new patches. > I though I could use the “Share this policy across multiple > sessions” but it will not work. I found in the docs the following: > “Note that a policy which has the “Share this policy across multiple > sessions” option selected cannot be saved to a .nessus file. Using > this option means that the policy is to become one of the default > policies displayed whenever the NessusClient is started or whenever > the “New Session” option is selected from the main menu. > Any thought or ideas so I don’t have to go in and modify > 85 .nessus files each month? >
You should create a .nessus policy with the "Windows : Microsoft Bulletins" family enabled. All the new plugins in this family will be automatically selected. And Nessus is optimized to only perform recent scan against your host, for example plugins for XP SP2 patches are not launched if you are running XP SP3. Nicolas _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
