Running a Nessus scan against a LINUX server running a Harvest agent leads to a hang-up of the agent. The agent needs to be restarted.

Release : 13.0.3 and higher

Component : CA Harvest Software Change Manager

I did a quick search to find out what the Nessus software does, and it appears that it is used to discover any security threats or concerns on the computer.  According to what I’ve learned, examples of vulnerabilities and exposures Nessus can scan for include:

• Vulnerabilities that could allow unauthorized control or access to sensitive data on a system.
• Misconfiguration (e.g. open mail relay, missing patches, etc.).
• Default passwords, a few common passwords, and blank/absent passwords on some system accounts. Nessus can also call Hydra (an external tool) to launch a dictionary attack.
• Denials of service vulnerabilities

The user guide for the Nessus scanner says

Caution: In some rare cases, probing might disrupt some services and cause unforeseen side effects.

It also contains information about how to configure scans which might include ways to tell it to ignore the port that SCM Agent is using, put the agntd process on a “whitelist” to specify that it’s not a harmful application, how to configure and run reports, and access log files that might tell you exactly why it is killing the SCM Agent process.

You might also check with the technical support team for Nessus to hear their suggestions on how to prevent Nessus from killing the SCM Agent process.

If the user guide and/or Nessus support team cannot provide a way to make the Nessus scanner ignore the SCM Agent software, your other option is to restart it after the scan is completed. If the Nessus scan runs on a schedule, then restarting the agent can be set up on a schedule as well. There’s also a way to set up a small batch script to check every few minutes and if the agntd process is down, restart it.