Site icon Mobile App Development Services

Introduction to Nessus Vulnerability Scanning Tool

A vulnerability is a weakness or error in a system or device’s code that, when exploited, can compromise the confidentiality, availability, and integrity of data stored in them through unauthorized access, the elevation of privileges, or denial of service. 

There are different Scanning tools in the market which help us to find out these types of weaknesses in our system. Nessus is one of the great tools to help keep their domains free of the easy vulnerabilities that hackers and viruses commonly look to exploit. 

Purpose: Vulnerability Assessment

Open source but with a limitation: Scans up to 16 IPs

Nessus is developed by Tenable, Inc. It is a remote security scanning tool, which scans a computer for vulnerabilities that malicious hackers could use to gain access to any computer you have connected to a network.

Nessus Essentials is a free version of the Nessus vulnerability scanner. You can scan up to 16 IPs with Nessus Essentials. The activation code does not expire and can be used for as long as needed.

Why we should use Nessus:

If you are familiar with other network vulnerability scanners, you might be wondering what Pros Nessus has over them.  Here are the advantages of using Nessus for vulnerability scan:

  1. Unlike other scanners, Nessus does not make assumptions about your server configuration (such as assuming that port 80 must be the only webserver) that can cause other scanners to miss real vulnerabilities.
  2. Nessus provides a plug-in interface, and many free plugins are available from the Nessus plug-in site.   These plugs are often specific to detecting a common virus or vulnerability. 
  3. The paid version of Nessus gives some other special vulnerability scan templates like Mobile Device Scan, MDM Config Audit, etc.
  4. When Nessus detects a vulnerability, it is also most often able to suggest the best way to mitigate the vulnerability. 

Nessus Official Documentation:

https://docs.tenable.com/nessus/Content/Install.htm

Nessus Installation on Windows Machine

  1.  Download Docker for Windows

https://docs.docker.com/desktop/windows/install/

Requirements: You should have at least 8 GB Ram & more than Windows 10 Pro (64 Bit)

Reason for Using Dockers: Docker is an open-source containerization platform. It enables developers to package applications into containers. You can deploy a managed Nessus scanner or an instance of Nessus Professional/Essential as a Docker image to run on a container.  Nessus can audit the configuration of the Docker containers as well. 

  1.  Download the Linux kernel update package
https://docs.microsoft.com/en-gb/windows/wsl/install-manual#step-4—download-the-linux-kernel-update-package
  1. Signup for docker hub

https://hub.docker.com/signup

  1. Search for Nessus image in docker hub 
  2. Use this command on windows CLI:
    docker pull tenableofficial/nessus

Nessus image is installed. The moment we get the docker image, the container is not there.

How to start the container?

docker run -it -d tenableofficial/nessus

Some id will be generated and it means that the container is up and running

Up till now we have pulled the image, executed the image, and created the container.

  1. Go to the following links:

https://www.tenable.com/products/nessus/nessus-essentials

https://docs.tenable.com/nessus/Content/InstallNessusEssentialsProfessionalOrManager.htm

  1. Run this command:

docker run -p 8834:8834 tenableofficial/nessus

  1. Go to: https://localhost:8834/
https://localhost:8834/#/scans/folders/my-scans

Scanning Ubuntu VM using Nessus Essentials

Authenticated scan: 

  1. Automatic authentication
  1. HTTP login form

After running an authenticated scan through automatic authentication OR login form, if the Plugin ID 11219 shows credentialed checks: no, it means that SSH is not enabled on the Ubuntu VM.

Nessus Scanning on Local Machine using Basic Network Scan

“Knowing your enemy is winning half the war..” 

Similarly, when you know about your target, half the task of Hacking is done.

Network Scanning is the procedure of identifying active hosts, ports, and the services used by the target application. 

Suppose you are an Ethical Hacker and want to find vulnerabilities in the System, you need a point in the System that you can try to attack. Network Scanning for Ethical Hacking is used to find out these points in the system that a Black Hat Hacker can use to hack the network. And then the respective teams work on improving the security of the network.

Nessus provides a simple way to execute a basic network scan test to find out the loopholes and vulnerabilities in your targeted network

Nessus Scanning using Web Application Tests Template

Nessus provides template Web Application Tests so you can scan your targeted website with a single click: 

Note: There are some other template Scanners provided by Nessus you can select as per your requirements. In the below screenshot you can see the list of vulnerability scanner templates in Nessus:

CVSS-Based Severity and Score

Nessus classified the vulnerabilities into 5 levels:

After the scan is complete, you can see the vulnerability report under the “Vulnerabilities” tab. Click on the vulnerability to see the details of it. We have the name of the vulnerability, description, solution method, and links to learn about it more.

Conclusion

Many organizations all around the world use Nessus as one of their most believed pen-testing tools. It is utilized to scan IP addresses, sites, and sensitive information. Nessus can assist in identifying missing patches, malware, and mobile scanning. Additionally, it has a fully-featured dashboard, a broad range of scanning capabilities, and a multi-design report office.

There are many tools for pen-testing and vulnerability scans that differ from one company to another. However, the goal remains the same, to secure a business’s assets from outside intruders. Penetration testers with advanced skills can reveal an increasing number of flaws. This can be fixed to make systems more secure.

References:
https://koayyongcett.medium.com/introduction-to-nessus-and-hands-on-practice-to-scan-the-network-34c8048090fc

https://www.testhouse.net/blogs/penetration-testing-101-a-beginners-guide-to-ethical-hacking/

https://docs.tenable.com/nessus/Content/AssessmentSettings.htm

https://www.edureka.co/blog/network-scanning-kali-ethical-hacking/#WhatisNetworkScanning

Exit mobile version