Vulnerability Assessments with Nessus 3 Columbia Area LUG January 10 2007.

Slides:



Advertisements
Similar presentations
ActiveXperts Network Monitor Monitors servers, workstations and devices for availability Alerts and corrects.
Advertisements

ActiveXperts Network Monitor Monitors servers, workstations and devices for availability Alerts and corrects.
Host Hardening (March 21, 2011) © Abdou Illia – Spring 2011.
Red Hat Linux Network. Red Hat Network Red Hat Network is the environment for system- level support and management of Red Hat Linux networks. Red Hat.
Vulnerability Analysis Borrowed from the CLICS group.
CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.
2004, Jei Nessus A Vulnerability Assessment tool A Security Scanner Information Networking Security and Assurance Lab National Chung Cheng University
Optinuity Confidential. All rights reserved. C2O Configuration Requirements.
Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.
Nessus – A Vulnerability Scanning Tool SUNY Technology Conference June 2003.
Hands-On Microsoft Windows Server 2003 Chapter 2 Installing Windows Server 2003, Standard Edition.
1 CCNA 4 v3.1 Module 6. 2 CCNA 4 v3.0 Module 6 Introduction to Network Administration.
OpenVAS Vulnerability Assessment Group 5 Igibek Koishybayev; Yingchao Zhu ChenQian; XingyuWu; XuZhuo Zhang.
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.
Microsoft Baseline Security Analyzer INLS 187 Security Software Presentation by Hinár György Polczer
1 Presentation ISS Security Scanner & Retina by Adnan Khairi
Maintaining and Updating Windows Server 2008
Patch Management Module 13. Module You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A Operations vSphere Environment Introduction.
Vulnerability Types And How to Use Them.
Nikto LUCA ALEXANDRA ADELA. Nikto  Web server assessment tool  Written by Chris Solo and David Lodge  Released on December 27, 2001  Stable release:
Chapter 6 Enumeration Modified Objectives  Describe the enumeration step of security testing  Enumerate Microsoft OS targets  Enumerate NetWare.
Module 1: Installing Internet Information Services 5.0.
Managing Software using RPM. ♦ Overview In Linux, Red Hat Package Manager referred as RPM is a tool used for managing software packages and its main function.
1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.
Linux Operations and Administration
1 GFI LANguard N.S.S VS NeWT Security Scanner Presented by:Li,Guorui.
Nessus.
Hands-On Ethical Hacking and Network Defense
Tutorial 11 Installing, Updating, and Configuring Software
© 2010 VMware Inc. All rights reserved Patch Management Module 13.
1 Nessus - NASL Marmagna Desai [592- Project]. 2 Agenda Introduction –Nessus –Nessus Attack Scripting Language [ N A S L] Features –Nessus –NASL Testing.
Chapter SIx Maintaining a Computer Part I: Configuring, Updating, and Upgrading the OS.
CIS 460 – Network Design Seminar Network Security Scanner Tool GFI LANguard.
Shadow Security Scanner Li,Guorui. Introduction Remote computer vulnerabilities scanner Runs on Windows Operating Systems SSS also scans servers built.
Section 1: Introducing Group Policy What Is Group Policy? Group Policy Scenarios New Group Policy Features Introduced with Windows Server 2008 and Windows.
MIS Week 6 Site:
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 4 v3.0 Module 6 Introduction to Network Administration.
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 4 v3.0 Module 6 Introduction to Network Administration.
Module 7 Configure User and Computer Environments By Using Group Policy.
SUSE Linux Enterprise Desktop Administration Chapter 6 Manage Software.
SCSC 555 Frank Li.  Introduction to Enumeration  Enumerate Microsoft OS  Enumerate *NIX OS  Enumerate NetWare OS (skip) 2.
1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.
CN2140 Server II Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+
MIS Week 6 Site:
Samba – Good Just Keeps Getting Better The new and not so new features available in Samba, and how they benefit your organization. Copyright 2002 © Dustin.
Introduction A security scanner is a software which will audit remotely a given network and determine whether bad guys may break into it,or misuse it.
Vulnerability Scanning Vulnerability scanners are automated tools that scan hosts and networks for known vulnerabilities and weaknesses Credentialed vs.
Retina Network Security Scanner
Hands-On Ethical Hacking and Network Defense
SecurityCenter & Palo Alto Configuration Guide. About this Guide This guide provides an overview of how to get the most from Palo Alto firewalls when.
IS493 INFORMATION SECURITY TUTORIAL # 1 (S ) ASHRAF YOUSSEF.
Windows Small Business Server 2003 R2 Powering Small Businesses.
Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring Windows Server 2008 Printing.
Maintaining and Updating Windows Server 2008 Lesson 8.
Windows Vista Configuration MCTS : Internet Explorer 7.0.
Enterprise Vulnerability Management
CITA 352 Chapter 6 Enumeration.
Patch Management Module 13.
Moving to Configuration Manager Current Branch
Deep Serucity 7.0 Training
COP 4343 Unix System Administration
Module Overview Installing and Configuring a Network Policy Server
Overview – SOE PatchTT November 2015.
Overview – SOE PatchTT December 2013.
More Scripting & Chapter 11
Penetration Testing 10/12/2018 Penetration Testing.
Penetration Testing 10/12/2018 Penetration Testing.
Intro to Ethical Hacking
Intro to Ethical Hacking
Microsoft Virtual Academy
Presentation transcript:

Vulnerability Assessments with Nessus 3 Columbia Area LUG January

2© 2007 Chuck Fullerton Module Objectives Learn how to Install and Configure Nessus3 Learn how to run a “vanilla” scan Learn how to customize your scan for more effective results Learn how to interpret and save the reports.

3© 2007 Chuck Fullerton Introduction to Nessus Created by Renaud Deraison Currently Maintained by Tenable Network Security Uses the NASL Scripting language for it’s plugins (currently over 13,000 plugins!) Price is still Free! Register to obtain many plugins (7 day delay). Or Purchase a Direct Feed for the Latest and greatest and Compliance Checks!

4© 2007 Chuck Fullerton Nessus Features Client/Server Architecture SSL/PKI supported Smart Service Recognition (i.e. FTP on 31337) (i.e. FTP on 31337) Non-Destructive or Thorough Tests Vulnerability Mapping to CVE, Bugtraq, and others Vulnerability Scoring using CVSS from NIST.

5© 2007 Chuck Fullerton Nessus Features Tons of Plugins Port Scanning Port Scanning Vulnerability Checks Vulnerability Checks Patch Audit Checks Patch Audit Checks Local Server Checks Local Server Checks Compliance Checks Compliance Checks SCADA Checks SCADA Checks Custom Checks (Write your own) Custom Checks (Write your own)

6© 2007 Chuck Fullerton Nessus Architecture Nessus uses a Client/Server Architecture Server runs on Linux Server runs on Linux Clients available for Linux and Windows Clients available for Linux and Windows Nessus3 for Windows now available! Nessus3 for Windows now available! Clients connect to the Server using ports TCP/UDP 1241 by default

7© 2007 Chuck Fullerton Ported Operating Systems Nessus has been ported to the Following OS’s Red Hat ES 3 & 4 ** Red Hat ES 3 & 4 ** Fedora 5 & 6 Fedora 5 & 6 Debian 3 Debian 3 FreeBSD 4, 5, & 6 FreeBSD 4, 5, & 6 SUSE 9 & 10 SUSE 9 & 10 Solaris 9 & 10 Solaris 9 & 10 Windows 2003, XP (and soon Vista)** Windows 2003, XP (and soon Vista)** **Officially supported by Tenable Network Security

8© 2007 Chuck Fullerton Install Process Uninstall any old versions of Nessus Download RPM’s, Deb’s or whatever your system uses. (Current GA version is 3.0.4) Prepare system for install Install Nessus3 Make the crypto certificate Add users Scan away!

9© 2007 Chuck Fullerton Preparing the System Ensure your Host firewall allows for connection to TCP/UDP port 1241 Ensure you have updated versions of GTK and OpenSSL Ensure your system date is accurate Ensure your Internet Connection is available (For updates)

10© 2007 Chuck Fullerton Installing Nessus rpm –ivh rpm –ivh /opt/nessus/sbin/add-first-user Used mainly with other Tenable Products. Used mainly with other Tenable Products. service nessusd start

11© 2007 Chuck Fullerton Updating to the Latest Plugins /opt/nessus/sbin/nessus-update-pluginsLicensing Non-Registered (Only GNU Plugins that come with the program) Non-Registered (Only GNU Plugins that come with the program) Registered (Delayed 7 Days) Will give you newer Plugins made available by Tenable Registered (Delayed 7 Days) Will give you newer Plugins made available by Tenable Direct Feed (Fee) ($1200/year) Will give you advanced plugins, including Compliance Checks, SCADA checks and others. Direct Feed (Fee) ($1200/year) Will give you advanced plugins, including Compliance Checks, SCADA checks and others.

12© 2007 Chuck Fullerton The Nessus Clients Linux ClientWindows Client

13© 2007 Chuck Fullerton Logging in to the Server

14© 2007 Chuck Fullerton Linux Client

15© 2007 Chuck Fullerton Client Plugins Tab

16© 2007 Chuck Fullerton Client Scan Preferences

17© 2007 Chuck Fullerton Preparing for your First Scan Nessus can cause problems in the target network. Ensure your client provides explicit permission before the start of scanning. Risks DoS DoS Missing Information Missing Information Printer issues if not configured correctly. Printer issues if not configured correctly.

18© 2007 Chuck Fullerton Creating a new Scan

19© 2007 Chuck Fullerton Reviewing the Data

20© 2007 Chuck Fullerton Saving the Report

21© 2007 Chuck Fullerton Reporting Options Many different Reporting Options NBE NBE Standard Nessus Format HTML HTML XML XML HTML with Pies and Graphs HTML with Pies and Graphs PDF PDF SQL (windows client only) SQL (windows client only)

22© 2007 Chuck Fullerton Interpreting Nessus Reports

23© 2007 Chuck Fullerton Tenable Compliance Checks Can check settings within Windows, Unix, Solaris, and Linux. File permissions, File presence File permissions, File presence User/Domain Settings User/Domain Settings Registry Settings Registry Settings Others. Others. User Configurable audit files. There is even an audit file creation tool for Windows.

24© 2007 Chuck Fullerton Other Tenable Products Log Correlation Engine (LCE) Correlate and alert on specific logs Correlate and alert on specific logs Passive Vulnerability Scanner (PVS) Now you can scan servers without the risk. Now you can scan servers without the risk. Security Center 3.2 (SC3) Manages Nessus3, LCE and PVS from one console. Manages Nessus3, LCE and PVS from one console. SC3 3DTool 3D Graphical tool to get your points across to management. 3D Graphical tool to get your points across to management.

25© 2007 Chuck Fullerton For More Information

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.