Nessus is a proprietary comprehensive vulnerability scanner which is developed by Tenable Network Security. It is free of charge for personal use in a non-enterprise environment.

 

According to surveys done by sectools.org, Nessus is the world’s most popular vulnerability scanner, taking first place in the 2000, 2003, and 2006 security tools survey. Tenable Network Security estimates that it is used by over 75,000 organizations worldwide.

 

Nessus is a great tool designed to automate the testing and discovery of known security problems. Typically someone, a hacker group, a security company, or a researcher discovers a specific way to violate the security of a software product.

 

One of the most powerful features of Nessus is its client-server technology. Servers can be placed at various strategic points on a network, allowing tests to be conducted from various points of view. A central client or multiple distributed clients can control all the servers. The server portion will run on almost any flavor of Unix. It even runs on Mac OS X and IBM/AIX, but Linux tends to make the installation simpler. These features provide a great deal of flexibility for the penetration tester. Clients are available for both Windows and Unix. The Nessus server performs the actual testing while the client provides configuration and reporting functionality.

 

 

Nessus allows scans for the following types of vulnerabilities:

 

  • Vulnerabilities that allow a remote hacker to control or access sensitive data on a system.
  • Misconfiguration (e.g. open mail relay, missing patches, etc.).
  • Default passwords, a few common passwords, and blank/absent passwords on some system accounts. Nessus can also call Hydra (an external tool) to launch a dictionary attack.
  • Denials of service against the TCP/IP stack by using mangled packets.
  • Preparation for PCI DSS audits.

On UNIX (including Mac OS X), Nessus consists of nessusd, the Nessus daemon, which does the scanning, and nessus, the client, which controls scans and presents the vulnerability results to the user.

 

 

Downloading Nessus:

http://www.tenable.com/products/nessus/select-your-operating-system

Select your package according to your computer and operating system.

 

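Install Nessus:

The download URL is quoted because it contains & characters, which the shell would otherwise treat as command separators, and -O names the saved file so that it matches the dpkg command.

# wget -O Nessus-5.2.5-debian6_amd64.deb "http://downloads.nessus.org/nessus3dl.php?file=Nessus-5.2.5-debian6_amd64.deb&licence_accept=yes&t=439e3cf2b3551dd72f8e41e921c757ae"

# sudo dpkg -i Nessus-5.2.5-debian6_amd64.deb

# sudo /etc/init.d/nessusd start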

 

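Open a browser and navigate to https://127.0.0.1:8834. Nessus serves this page with a self-signed certificate by default, so the browser will show a certificate warning on the first visit.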

 

Select the “use at HOME” option (not the work option, as that one is commercial).

 

Enter your email to register for a plugins feed from Nessus.

 

Nessus will download the plugins (this takes some time).

 

Nessus Login:

 

Use the username and password you used to register for a Nessus Feed.

 

That’s it!  Nessus is installed, registered, and has a live feed.

 

Start your first home scan. Before creating a new scan, we need to create a policy for the scan.

 

After creating the policy, create a new scan to scan your internal network:

 

Name = internal scan

Policy = Internal Scan

Targets = your internal home IP range, e.g. 192.168.31.0/24 (/24 means all 254 hosts on your network)
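
Before pressing Run Scan, it helps to confirm that the target range covers only your own network. The following is an added example (not part of the original article or of Nessus) that checks a target list against RFC 1918 private space and counts the hosts in each range; the function names, the MAX_HOSTS ceiling and the sample targets are assumptions made for the illustration.

```python
import ipaddress

# RFC 1918 private IPv4 space; a home LAN should sit inside one of these.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Assumed ceiling for a home scan (a /22); larger ranges are usually a typo.
MAX_HOSTS = 1022


def usable_hosts(net):
    """Number of scannable addresses: network and broadcast are excluded,
    except for /31 and /32, which have no such reserved addresses."""
    if net.prefixlen >= 31:
        return net.num_addresses
    return net.num_addresses - 2


def check_targets(targets, max_hosts=MAX_HOSTS):
    """Split scan targets into (accepted, rejected).

    accepted: list of (normalised CIDR, usable host count)
    rejected: list of (original target, reason)
    """
    accepted, rejected = [], []
    for raw in targets:
        target = raw.strip()
        try:
            # strict=False normalises host bits: 192.168.31.7/24 -> 192.168.31.0/24
            net = ipaddress.ip_network(target, strict=False)
        except ValueError:
            rejected.append((target, "not an IP address or CIDR range"))
            continue
        if net.version != 4 or not any(net.subnet_of(r) for r in RFC1918):
            rejected.append((target, "outside RFC 1918 private space"))
        elif usable_hosts(net) > max_hosts:
            rejected.append((target, "range larger than %d hosts" % max_hosts))
        else:
            accepted.append((str(net), usable_hosts(net)))
    return accepted, rejected


# Constructed sample input: the article's example range plus some mistakes.
SAMPLE = ["192.168.31.0/24", "192.168.31.5", "8.8.8.0/24", "10.0.0.0/8", "home-router"]

if __name__ == "__main__":
    ok, bad = check_targets(SAMPLE)
    for cidr, hosts in ok:
        print("scan    %-18s %d hosts" % (cidr, hosts))
    for target, reason in bad:
        print("refuse  %-18s %s" % (target, reason))
```

Hostnames are refused here only because the check cannot confirm where they resolve without a DNS lookup.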

 

Click the Run Scan button.

 

Leave it running until it gets to 100%.

Click the Results tab.

 

Select a host to see its individual results and the vulnerabilities found on it.

Select a vulnerability to get more detail.

 

 

 

 

Export the results as a PDF.