Tuesday, March 5, 2013

How To Install Gnome Classic on Ubuntu 12.10


I love Ubuntu.  I hate the new Unity desktop design.  It's awful.   I understand that it is important for operating systems to keep up with current trends, but I feel that the Unity desktop is awkward and clunky.  Every single time I install Ubuntu I need to re-install the classic GNOME desktop.  This tutorial shows a user how to install GNOME classic.

1.  Log into Ubuntu.  It may be necessary to first update Ubuntu.  You can do this by running sudo apt-get update or by using the Update Manager GUI.

BARF!

2.  In the console, issue the following command: sudo apt-get install gnome-session-fallback

Take that! Crappy GUI...
4. Let Ubuntu run its magic.  Once completed, log out.  At the login screen, click the little foot icon and then select GNOME Classic.



5.  Log into the normal Ubuntu desktop.

Sweet Success!


Sunday, March 3, 2013

How To Run A Basic Nessus Scan


Nessus is a vulnerability scanning application created by Tenable Networks.  Nessus is used to scan computers and assets for vulnerabilities.  The vulnerabilities can be anything from missing passwords to buffer overflow exploits.  Nessus is heavily used in the network security industry to locate and mitigate risks.  In this tutorial we will be using Nessus to conduct a basic vulnerability scan of an asset.
1.  Like in previous examples, we will be using Metasploitable as our target.  Launch Metasploitable as a virtual machine.  In this tutorial, Metasploitable will have an IP address of 10.0.0.21.



2.  Launch Backtrack5 r3.  This will be the host conducting the scan.  This instance of Backtrack5 will also be launched through Oracle's VirtualBox.


3.  Start the Nessus service by typing nessusd start in the console.


4.  Once the Nessus service has been started, open Firefox.  In the address bar type https://127.0.0.1:8834.  Visiting this local address gives us Nessus's graphical user interface.


5.  While on the local Nessus home page, type in the user name and password you set up previously.

6.  Once logged in, we are provided with many different features.  The Reports section gives us a listing of completed scans.  The Scan section is where a user can schedule or execute a scan.  The Policies section displays the types of scans available.  Lastly, the Users section is an access control list where Nessus users can be added or removed.  


7.  Let's begin setting up a basic scan.  Click the Scan section and click the Add button.  
8.  First, name the scan.  In this example I named it Metasploitable_Scan.  Leave the type as Run Now.  In the policy drop-down menu, select Internal Network Scan.  The 'Scan Targets' field allows us to specify multiple IP addresses, but we will simply be entering 10.0.0.21.  Leave the 'Targets File' area blank.  Click Launch Scan at the bottom of the page.


9.  Once the scan has been launched, we are taken back to the 'Reports' page.  The 'Reports' page displays the Metasploitable_Scan as running.  Double click the Metasploitable_Scan field.  Once double clicked, Nessus will show us a real-time display of its progress.  We can already see that there are many critical vulnerabilities in the Metasploitable operating system.


10.  Once the scan is completed, go back to the Reports section.  Select the Metasploitable_Scan report and then click the Download button.  In the drop-down menu, select HTML export.


11.  Hit submit.  If all goes according to plan, you will be presented with a very well documented vulnerability report in HTML.


Having a vulnerability report in HTML is very useful when showing your findings to a client.  It is also easy to save and transport.  A user is able to conduct scans at predetermined times.  This is a good option because vulnerability scans have the ability to crash important enterprise systems.  Whenever possible, run Nessus scans during off-business hours.  Nessus is an important tool in a security professional's repertoire.  It is important because it can help "bullet proof" important network assets.
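
The HTML report is for reading; for triage it helps to rank findings by severity.  The following is an added example, not part of the original post: it assumes the report is downloaded in Nessus's .nessus (v2 XML) format instead of HTML, and the embedded sample report, with its plugin IDs and plugin names, is constructed.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Severity codes carried in the severity attribute of each ReportItem.
SEVERITY = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

# Constructed sample in the .nessus v2 layout; plugin IDs/names are placeholders.
SAMPLE = """<NessusClientData_v2>
 <Report name="Metasploitable_Scan">
  <ReportHost name="10.0.0.21">
   <ReportItem port="0" protocol="tcp" severity="0" pluginID="900001" pluginName="Example info item"/>
   <ReportItem port="5432" protocol="tcp" severity="4" pluginID="900002" pluginName="Example critical item B"/>
   <ReportItem port="21" protocol="tcp" severity="4" pluginID="900003" pluginName="Example critical item A"/>
   <ReportItem port="22" protocol="tcp" severity="3" pluginID="900004" pluginName="Example high item"/>
   <ReportItem port="80" protocol="tcp" severity="2" pluginID="900005" pluginName="Example medium item"/>
  </ReportHost>
 </Report>
</NessusClientData_v2>"""


def parse_findings(xml_text):
    """Return one dict per ReportItem. Parse only reports from your own scanner;
    the standard-library parser is not hardened against hostile XML."""
    findings = []
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            findings.append({
                "host": host.get("name"),
                "port": int(item.get("port", "0")),
                "severity": int(item.get("severity", "0")),
                "plugin": item.get("pluginName", ""),
            })
    return findings


def severity_counts(findings):
    """Count findings per severity label."""
    return dict(Counter(SEVERITY.get(f["severity"], "Unknown") for f in findings))


def worst_first(findings, minimum=3):
    """Findings at or above `minimum`, highest severity first, then by port."""
    keep = [f for f in findings if f["severity"] >= minimum]
    return sorted(keep, key=lambda f: (-f["severity"], f["port"]))


if __name__ == "__main__":
    found = parse_findings(SAMPLE)
    print(severity_counts(found))
    for f in worst_first(found):
        print(SEVERITY[f["severity"]], f["host"], f["port"], f["plugin"])
```

To use it on a real export, read the downloaded file's contents and pass them to parse_findings in place of SAMPLE.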

Friday, March 1, 2013

Learning Python Scripting

Hello Everyone!

I've been slacking on this blog.  After writing the last three security heavy articles, I was feeling burned out.  To keep things interesting, I will be mixing in some lighter articles with the heavier ones.  This is my first light article on how I signed up for online Python scripting classes.

I have recently signed up for the SecurityTube Python Scripting Expert certification.  To put it a little more simply, it is a Python certification offered by Securitytube.net.  The course is taught by Vivek Ramachandran, who I think is a network security genius.  Hopefully it will rub off on me.  I think this course is going to be very fun because it teaches subjects like Network Security Programming, Exploitation Techniques, and Attacking Web Applications.

Throughout the next couple of weeks I will be posting general security articles along with Python scripting articles.  Just to give you a sneak preview of what I have learned so far, I present to you my "hello world" Python script.

I am a programming god!