Presentation is loading. Please wait.

Presentation is loading. Please wait.

NESSUS SCANNING By: Vaibhav Shukla.

Published byRosa Bradley Modified over 5 years ago

Similar presentations

Presentation on theme: "NESSUS SCANNING By: Vaibhav Shukla."— Presentation transcript:

1 NESSUS SCANNING By: Vaibhav Shukla

2 Scan Target Target 1 Fedora installed in a VM Ware Workstation for Testing Purpose IP Address xx

3 Basic Network scan 1 Critical vulnerability 2 Medium vulnerability
1 Low vulnerability 27 Info

4 Critical Vulnerability

5 Critical Vulnerability
Fedora 21 EOL is 1st Dec 2015

6 Medium Vulnerability 1 FTP Port is enabled

7 Checked for FTP and HTTP Service

8 Medium Vulnerability 2

9 Why HTTP Trace should be Off
The HTTP TRACE method asks a web server to echo the contents of the request back to the client for debugging purposes. These HTTP Trace methods can be used for nefarious purposes like (XST), a form of cross site scripting using the server's  In the presence of other cross-domain vulnerabilities in web browsers, sensitive header information could be read from any domains that support the HTTP TRACE method.

10 Mitigating the vulnerability
vi /etc/httpd/conf/httpd.conf Add the TraceEnable directive into your httpd.conf and set the value to Off.   

11 Scan Target Target 2 Personal laptop IP Address xx.1xx

12 Basic Network scan 0 Critical vulnerability 4 Medium vulnerability
0 Low vulnerability 30 Info

13 Medium Vulnerability The server's X.509 certificate does not have a signature from a known public certificate authority.

Download ppt "NESSUS SCANNING By: Vaibhav Shukla."

Similar presentations

4.01 How Web Pages Work.

4.01 How Web Pages Work.
Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.

Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.
1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.
Building Applications using ASP.NET and C# / Session 1 / 1 of 21 Session 1.

Building Applications using ASP.NET and C# / Session 1 / 1 of 21 Session 1.
1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.
Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.

Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.
APACHE SERVER By Innovationframes.com »

APACHE SERVER By Innovationframes.com »
Module 1: Installing Internet Information Services 5.0.

Module 1: Installing Internet Information Services 5.0.
Web Server Configuration Alokes Chattopadhyay Computer & Informatics Centre IIT Kharagpur.

Web Server Configuration Alokes Chattopadhyay Computer & Informatics Centre IIT Kharagpur.
Www.netfort.com NetFort Customer Webinar Getting back to basics – Using LANGuardian Aisling Brennan 26 th Feb 2015.

NetFort Customer Webinar Getting back to basics – Using LANGuardian Aisling Brennan 26 th Feb 2015.
ProtectionProfiles. 2 Fortinet Technologies Protection Profiles Protection profiles control t the type of traffic protected t HTTP t FTP t IMAP t POP3.

ProtectionProfiles. 2 Fortinet Technologies Protection Profiles Protection profiles control t the type of traffic protected t HTTP t FTP t IMAP t POP3.
Lectures and Practicals Mon 8-10 SC1222 TUE 13-15 SC1222 Office: SC1421 Website: mis.csit.sci.tsu.ac.th/kanida.

Lectures and Practicals Mon 8-10 SC1222 TUE SC1222 Office: SC Website: mis.csit.sci.tsu.ac.th/kanida.
Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.

Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.
Lesson 15 Client Side Vulnerabilities and you. Active Server Pages MS’s answer to the scripting world of PERL and CGI on Unix Usually Written In Visual.

Lesson 15 Client Side Vulnerabilities and you. Active Server Pages MS’s answer to the scripting world of PERL and CGI on Unix Usually Written In Visual.
System Administration and Maintenance. Proxy Server 1 Purpose – – To separate internal network from internet (NAT) To cache often used content User control:

System Administration and Maintenance. Proxy Server 1 Purpose – – To separate internal network from internet (NAT) To cache often used content User control:
ITIS 1210 Introduction to Web-Based Information Systems Chapter 23 How Web Host Servers Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 23 How Web Host Servers Work.
1 Apache. 2 Module - Apache ♦ Overview This module focuses on configuring and customizing Apache web server. Apache is a commonly used Hypertext Transfer.

1 Apache. 2 Module - Apache ♦ Overview This module focuses on configuring and customizing Apache web server. Apache is a commonly used Hypertext Transfer.
 Internet network of connected computer › No company owns the internet › Purpose is to share information  World Wide Web (Web) one of the ways information.

 Internet network of connected computer › No company owns the internet › Purpose is to share information  World Wide Web (Web) one of the ways information.
Course ILT Internet/intranet support Unit objectives Use the Internet Information Services snap-in to manage IIS, Web sites, virtual directories, and WebDAV.

Course ILT Internet/intranet support Unit objectives Use the Internet Information Services snap-in to manage IIS, Web sites, virtual directories, and WebDAV.
Chapter 1: The Internet and the WWW CIS 275—Web Application Development for Business I.

Chapter 1: The Internet and the WWW CIS 275—Web Application Development for Business I.

Similar presentations

Ads by Google