Using Nessus Thorough Checks for In-depth Audits

Nessus users have a wide range of powerful options whose functionality
is critical to a successful vulnerability scan, but whose meaning may not be completely
clear. An example of this is the “Thorough tests” option. There is more to this
option than meets the eye and knowing how to properly use it will help you
customize your scan policies to your specific needs. By default, this option is
disabled; however, of the more than 34,000 plugins available with Nessus, over
900 behave differently if this option is enabled. This blog describes what the feature
does and provides some examples of where the option should or should not be
used.

The “Thorough tests” option is located in the scan policy
“Preferences” section of the Nessus 4.x web interface. Within this section choose
the “Plugin” dropdown and select “Global variable settings”: To
use this option, click on the “Thorough tests (slow)” checkbox, which will
trigger the “thorough_tests” keyword within the Nessus plugin script files
(.nasl). The following sections describe its functionality.

Enables More Complete Checks

The
main advantage, of course, is a more thorough vulnerability scan. Since not all
Nessus scans require a full plugin run, certain plugins will not run unless
“Thorough tests” is enabled. For example, some of the web application (continue reading...)