Penetration Testing Using Nessus
Nessus is one of the best vulnerability scanners out there. It is a product of Tenable Security and is available in a free as well as a commercial version. If a free, full-featured vulnerability scanner is on your mind, then it's good for you to know about Nessus. Nessus can be used for conducting vulnerability assessment during a penetration testing project.
For a quick background: Nessus was founded by Renaud Deraison in 1998 to provide the Internet community with a free remote security scanner. Nessus is a full-fledged vulnerability scanner that allows you to detect potential vulnerabilities in systems. Nessus is the world's most popular and most widely used vulnerability scanning tool. Moreover, Nessus is also multi-platform.
Nessus is free of cost for personal use in a non-enterprise environment. It uses a web interface to set up, scan, and view reports. It has one of the largest vulnerability knowledge bases available; because of this KB, the tool is very popular.
Nessus Key features
- Identifies vulnerabilities that allow a remote attacker to access sensitive information from the system
- Checks whether the systems in the network have the latest software patches
- Tries default and common passwords on system accounts
- Configuration audits
- Vulnerability analysis
- Mobile device audits
- Customized reporting
For more details on the features of Nessus, visit: http://www.tenable.com/products/nessus/nessus-product-overview/nessus-features.
Nessus has multi-OS support and supports Microsoft Windows XP/Vista/7, Linux, Mac OS X (10.5 and higher), FreeBSD, Sun Solaris and many more.
Installation and configuration
- Download the Nessus home feed (free) or professional feed.
- Once you download Nessus, you need to register with the Nessus official website to generate the activation key, which is required to use the Nessus tool.
- Follow the instructions on the page and the activation key will be emailed to your email address.
- Install Nessus by following the steps and instructions on the screen.
- Once Nessus is installed and activated, it can be accessed in the browser; normally it runs on port 8834. URL: http://localhost:8834/WelcomeToNessus-Install/welcome
- Create an account with Nessus.
- Enter the activation code you have obtained by registering with the Nessus website. Also you can configure the proxy if needed by giving proxy hostname, proxy username, and password.
- Then the scanner gets registered with Tenable and creates a user.
- Download the necessary plug-in. (It takes some time to download the plug-in; while you are watching the screen, you can go through the vast list of resources we have for Nessus users).
Once the plug-ins are downloaded, it will automatically redirect you to a login screen. Provide the username and password that you created earlier to log in.
That's it: the most powerful vulnerability scanner is ready to be used for penetration testing.
Nessus Tutorial : Penetration Testing and Vulnerability Assessment
Running Nessus:
Nessus gives you a lot of options when it comes to running the actual vulnerability scan. Nessus comes with 4 types of basic scans (which are themselves very powerful) and also allows users to create their own custom scans, which puts the power in the user's hands. With the Nessus vulnerability scanner you can scan individual computers, ranges of IP addresses, or complete subnets. There are over 1200 vulnerability plug-ins with Nessus, which allow you to specify an individual vulnerability or a set of vulnerabilities to test for.
An important thing to note here is that, unlike other tools, Nessus won't assume that explicit services run on common ports; instead, it will try to exploit the vulnerabilities.
Foundations for discovering the vulnerabilities in the network are:
- Which hosts are live
- What ports are open and what services are running on which ports
- What operating system is running on the remote machine
Once you have logged into the Nessus web interface, you will be able to see various options, such as:
- Policies: for configuring the options required for a scan
- Scans: for adding different scans
- Reports: for analyzing the results
The basic workflow of the Nessus tool is to log in, create or configure the policy, run the scan, and analyze the results.
Policies
Policies are the vulnerability tests that you can perform on the target machine. By default, Nessus has four policies.