Vulnerability scanning using Nessus Essentials

Aman Rangapur
Security at your desk
Oct 9, 2020

What is Nessus?

Nessus is a remote security scanning tool, which scans a computer and raises an alert if it discovers any vulnerabilities that malicious hackers could use to gain access to any computer you have connected to a network. It does this by running over 1200 checks on a given computer, testing to see if any of these attacks could be used to break into the computer or otherwise harm it.

Why Nessus?

If you are familiar with other network vulnerability scanners, you might be wondering what advantages Nessus has over them. Key points include:

- Unlike other scanners, Nessus does not make assumptions about your server configuration (such as assuming that port 80 must be the only web server) that can cause other scanners to miss real vulnerabilities.

- Nessus is very extensible, providing a scripting language for you to write tests specific to your system once you become more familiar with the tool. It also provides a plug-in interface, and many free plug-ins are available from the Nessus plug-in site. These plug-ins are often specific to detecting a common virus or vulnerability.

- Up-to-date information about new vulnerabilities and attacks. The Nessus team updates the list of vulnerabilities to check for on a daily basis in order to minimize the window between an exploit appearing in the wild and you being able to detect it with Nessus.

- Open-source. Nessus is open source, meaning it costs nothing, and you are free to see and modify the source as you wish.

- Patching assistance. When Nessus detects a vulnerability, it is also most often able to suggest the best way you can mitigate the vulnerability.

Download Nessus from here.

It is available for all platforms.

Register with your e-mail before downloading, as it sends a verification code to your e-mail while scanning.

Installation and setting up:

I generally use the terminal, so I will set up Nessus in Kali Linux through the terminal. You can use the GUI version of Nessus in Windows.

To show active Internet connections:

netstat -nltup

The Nessus local address is highlighted, i.e., port 8834.

If you don't see the Nessus port, restart the Nessus service with the following command:

systemctl restart nessusd.service

Open a new terminal and find your IP address:

$ ifconfig for Linux.

$ ipconfig for Windows.

Now combine your IP address with the Nessus port and paste the result into your browser, where you can scan for vulnerabilities.

For example, suppose your IP address is 127.168.1.20 and the Nessus port is 8834.

Then https://127.168.1.20:8834 will be your link for Nessus.
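The check described above (look for the listener on 8834, restart the service if it is missing, then build the link) can be scripted. This is an added example, not code from the original post; the function names and the sample netstat output are constructed for illustration, and it also reports which interface the Nessus web UI is bound to.

```shell
#!/usr/bin/env bash
# Constructed sample of `netstat -nltup` output (not captured from a real host).
SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      812/postgres
tcp        0      0 0.0.0.0:8834            0.0.0.0:*               LISTEN      1490/nessusd
tcp6       0      0 :::8834                 :::*                    LISTEN      1490/nessusd
udp        0      0 0.0.0.0:68              0.0.0.0:*                           640/dhclient'

# Read `netstat -nltup` output on stdin and print the local address of every
# TCP listener on the given port (default 8834). Prints nothing if none exist.
nessus_listeners() {
    awk -v port="${1:-8834}" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, parts, ":")      # port is the last ":"-separated field
            if (parts[n] == port) print $4
        }'
}

# Classify a local address: is the web UI reachable from other hosts?
bind_scope() {
    case "${1%:*}" in
        0.0.0.0|::) echo all-interfaces ;;
        127.*|::1)  echo loopback ;;
        *)          echo specific-address ;;
    esac
}

# Given netstat output on stdin and your IP address as $1, print the Nessus
# link, or a restart hint (exit status 1) when nothing listens on 8834.
check_nessus() {
    local listeners addr
    listeners="$(nessus_listeners 8834)"
    if [ -z "$listeners" ]; then
        echo "no listener on 8834; run: systemctl restart nessusd.service" >&2
        return 1
    fi
    for addr in $listeners; do
        echo "nessusd bound to $addr ($(bind_scope "$addr"))" >&2
    done
    printf 'https://%s:8834\n' "$1"
}

# Demo on the constructed sample; on a real host pipe `netstat -nltup` instead.
printf '%s\n' "$SAMPLE_NETSTAT" | check_nessus 127.168.1.20
```

A listener reported as all-interfaces means the Nessus login page is reachable from other machines on the network, not only from the host it runs on.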

After opening the link, you will see the Nessus interface as shown below.

In the Nessus user interface, click on Nessus Essentials.

Click on new scan:

Here you see 16 different vulnerability scans. I have done basic scans, i.e., a network scan. You can explore all the different scans in a similar way.

I will be using scanme.nmap.org, which is free for vulnerability tests. You can also host a domain on your own using Metasploit.

Open Network scan and enter the IP address you want to scan. There are many other advanced options, which are not recommended for newbies. If you are interested, you can have a look and proceed.

Launch your scan.

You will get output similar to the image below. Download your scan report as a .pdf file.