Sunday, March 3, 2013

How To Run A Basic Nessus Scan


Nessus is a vulnerability scanning application created by Tenable Networks.  Nessus is used to scan computers and assets for vulnerabilities.  The vulnerabilities can be anything from missing passwords to buffer overflow exploits.  Nessus is heavily used in the network security industry to locate and mitigate risks.  In this tutorial we will be using Nessus to conduct a basic vulnerability scan of an asset.
1.  As in previous examples, we will be using Metasploitable as our target.  Launch Metasploitable as a virtual machine.  In this tutorial, Metasploitable will have an IP address of 10.0.0.21.



2.  Launch Backtrack5 r3.  This will be the host conducting the scan.  This instance of Backtrack5 will also be launched through Oracle's VirtualBox.


3.  Start the Nessus service by typing nessusd start in console.  


4.  Once the Nessus service has been started, open Firefox.  In the address bar type https://127.0.0.1:8834.  Visiting this local address gives us Nessus's graphical user interface.


5.  While on the local Nessus home page, type in the user name and password you set up previously.

6.  Once logged in, we are provided with many different features.  The Reports section gives us a listing of completed scans.  The Scan section is where a user can schedule or execute a scan.  The Policies section displays the types of scans available.  Lastly, the Users section is an access control list where Nessus users can be added or removed.  


7.  Let's begin setting up a basic scan.  Click the Scan section and click the Add button.  
8.  First, name the scan.  In this example I named it Metasploitable_Scan.  Leave the type as Run Now.  In the policy drop-down menu, select Internal Network Scan.  The 'Scan Targets' field allows us to specify multiple IP addresses, but we will simply be entering 10.0.0.21.  Leave the 'Targets File' area blank.  Click Launch Scan at the bottom of the page.


9.  Once the scan has been launched, we are taken back to the 'Reports' page.  The 'Reports' page displays the Metasploitable_Scan as running.  Double click the Metasploitable_Scan field.  Nessus will then show us a real-time display of its progress.  We can already see that there are many critical vulnerabilities in the Metasploitable operating system.


10.  Once the scan is completed, go back to the Reports section. Select the Metasploitable_Scan report and then click the Download button.  In the drop-down menu, select HTML export.


11.  Hit submit.  If all goes well, you will be presented with a very well documented vulnerability report in HTML.


Having a vulnerability report in HTML is very useful when showing your findings to a client.  It is also easy to save and transport.  Nessus can also conduct scans at predetermined times, which is a good option because vulnerability scans have the ability to crash important enterprise systems.  Whenever possible, run Nessus scans outside business hours.  Nessus is an important tool in a security professional's repertoire because it can help "bullet proof" important network assets.
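
For triage after the scan, a machine-readable export is easier to sort than the HTML report. The following is an added example, not part of the original tutorial: it assumes the report was downloaded in the .nessus (v2 XML) format instead of the HTML export chosen in step 10, and the embedded sample, including its plugin IDs and names, is constructed.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Severity numbers carried by ReportItem elements; -1 marks unparsable values.
SEVERITY = {-1: "Unknown", 0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

# Constructed sample in .nessus v2 layout (plugin IDs and names are made up).
SAMPLE = """<NessusClientData_v2>
 <Report name="Metasploitable_Scan">
  <ReportHost name="10.0.0.21">
   <ReportItem port="0" protocol="tcp" severity="0" pluginID="90000" pluginName="Constructed: host information"/>
   <ReportItem port="80" protocol="tcp" severity="2" pluginID="90001" pluginName="Constructed: outdated web server"/>
   <ReportItem port="21" protocol="tcp" severity="4" pluginID="90002" pluginName="Constructed: backdoored FTP service"/>
   <ReportItem port="22" protocol="tcp" severity="3" pluginID="90003" pluginName="Constructed: weak SSH host keys"/>
   <ReportItem port="5432" protocol="tcp" severity="oops" pluginID="90004" pluginName="Constructed: malformed entry"/>
  </ReportHost>
 </Report>
</NessusClientData_v2>"""

def parse_items(xml_text):
    """Yield (host, severity, port, protocol, plugin_name) per ReportItem."""
    # Parse only exports from your own scanner; use a hardened parser otherwise.
    root = ET.fromstring(xml_text)
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            try:
                sev = int(item.get("severity", ""))
            except ValueError:
                sev = -1  # keep the entry visible in the counts instead of dropping it
            yield (host.get("name"), sev, int(item.get("port", "0")),
                   item.get("protocol", "?"), item.get("pluginName", "?"))

def severity_counts(xml_text):
    """Count findings per severity label across the whole export."""
    return Counter(SEVERITY.get(i[1], str(i[1])) for i in parse_items(xml_text))

def triage(xml_text, min_severity=2):
    """Findings at or above min_severity, most severe first, then by port."""
    rows = [i for i in parse_items(xml_text) if i[1] >= min_severity]
    rows.sort(key=lambda i: (-i[1], i[2]))
    return [f"{h} {SEVERITY.get(s, s)} {p}/{proto} {name}"
            for h, s, p, proto, name in rows]

if __name__ == "__main__":
    print(dict(severity_counts(SAMPLE)))
    for line in triage(SAMPLE):
        print(line)
```
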
