2. Answers<\/h2>\n\n- I would test if anonymous login is allowed. When you perform a new scan with nessus, you’ll find a template for that under credentials.
\n![\"\"](\"https:\/\/cas.cybercop-training.ch\/wp-content\/uploads\/2021\/02\/nessus_1.png\")
<\/li>\n - Under credentials there is also a template for windows. Here you can enter your active directory credentials.
\n![\"\"](\"https:\/\/cas.cybercop-training.ch\/wp-content\/uploads\/2021\/02\/nessus_2.png\")
<\/li>\n - I’d use the default SYN Scan with soft detection enabled.
\n![\"\"](\"https:\/\/cas.cybercop-training.ch\/wp-content\/uploads\/2021\/02\/nessus_3.png\")
<\/li>\n - I didn’t find any option for that. By default setting it’s not possible, but it works if hydra is installed on the same system.
\n![\"\"](\"https:\/\/cas.cybercop-training.ch\/wp-content\/uploads\/2021\/02\/nessus_4.png\")
<\/li>\n<\/ol>\nBrute Force Options<\/h3>\n\nThe Brute Force tab specifies how the scanner tests for information against SCADA systems.<\/p>\n
Additionally, if Hydra is installed on the same host as a Nessus server linked to SecurityCenter, the Hydra section will be enabled. Hydra extends brute force login testing for the following services: Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, S7-300, SAP\/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.<\/p>\n<\/blockquote>\n
\n
<\/li>\n\n
<\/li>\n\n
<\/li>\n\n
<\/li>\n<\/ol>\nBrute Force Options<\/h3>\n\nThe Brute Force tab specifies how the scanner tests for information against SCADA systems.<\/p>\n
Additionally, if Hydra is installed on the same host as a Nessus server linked to SecurityCenter, the Hydra section will be enabled. Hydra extends brute force login testing for the following services: Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, S7-300, SAP\/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.<\/p>\n<\/blockquote>\n
The Brute Force tab specifies how the scanner tests for information against SCADA systems.<\/p>\n
Additionally, if Hydra is installed on the same host as a Nessus server linked to SecurityCenter, the Hydra section will be enabled. Hydra extends brute force login testing for the following services: Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, S7-300, SAP\/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.<\/p>\n<\/blockquote>\n