Presentation is loading. Please wait.

Presentation is loading. Please wait.

Vulnerability Assessments with Nessus 3 Columbia Area LUG January 10 2007.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Vulnerability Assessments with Nessus 3 Columbia Area LUG January 10 2007."— Presentation transcript:

1 Vulnerability Assessments with Nessus 3 Columbia Area LUG January 10 2007

2 2© 2007 Chuck Fullerton Module Objectives Learn how to Install and Configure Nessus3 Learn how to run a “vanilla” scan Learn how to customize your scan for more effective results Learn how to interpret and save the reports.

3 3© 2007 Chuck Fullerton Introduction to Nessus Created by Renaud Deraison Currently Maintained by Tenable Network Security Uses the NASL Scripting language for it’s plugins (currently over 13,000 plugins!) Price is still Free! Register to obtain many plugins (7 day delay). Or Purchase a Direct Feed for the Latest and greatest and Compliance Checks!

4 4© 2007 Chuck Fullerton Nessus Features Client/Server Architecture SSL/PKI supported Smart Service Recognition (i.e. FTP on 31337) (i.e. FTP on 31337) Non-Destructive or Thorough Tests Vulnerability Mapping to CVE, Bugtraq, and others Vulnerability Scoring using CVSS from NIST.

5 5© 2007 Chuck Fullerton Nessus Features Tons of Plugins Port Scanning Port Scanning Vulnerability Checks Vulnerability Checks Patch Audit Checks Patch Audit Checks Local Server Checks Local Server Checks Compliance Checks Compliance Checks SCADA Checks SCADA Checks Custom Checks (Write your own) Custom Checks (Write your own)

6 6© 2007 Chuck Fullerton Nessus Architecture Nessus uses a Client/Server Architecture Server runs on Linux Server runs on Linux Clients available for Linux and Windows Clients available for Linux and Windows Nessus3 for Windows now available! Nessus3 for Windows now available! Clients connect to the Server using ports TCP/UDP 1241 by default

7 7© 2007 Chuck Fullerton Ported Operating Systems Nessus has been ported to the Following OS’s Red Hat ES 3 & 4 ** Red Hat ES 3 & 4 ** Fedora 5 & 6 Fedora 5 & 6 Debian 3 Debian 3 FreeBSD 4, 5, & 6 FreeBSD 4, 5, & 6 SUSE 9 & 10 SUSE 9 & 10 Solaris 9 & 10 Solaris 9 & 10 Windows 2003, XP (and soon Vista)** Windows 2003, XP (and soon Vista)** **Officially supported by Tenable Network Security

8 8© 2007 Chuck Fullerton Install Process Uninstall any old versions of Nessus Download RPM’s, Deb’s or whatever your system uses. (Current GA version is 3.0.4) Prepare system for install Install Nessus3 Make the crypto certificate Add users Scan away!

9 9© 2007 Chuck Fullerton Preparing the System Ensure your Host firewall allows for connection to TCP/UDP port 1241 Ensure you have updated versions of GTK and OpenSSL Ensure your system date is accurate Ensure your Internet Connection is available (For updates)

10 10© 2007 Chuck Fullerton Installing Nessus rpm –ivh rpm –ivh /opt/nessus/sbin/add-first-user Used mainly with other Tenable Products. Used mainly with other Tenable Products. service nessusd start

11 11© 2007 Chuck Fullerton Updating to the Latest Plugins /opt/nessus/sbin/nessus-update-pluginsLicensing Non-Registered (Only GNU Plugins that come with the program) Non-Registered (Only GNU Plugins that come with the program) Registered (Delayed 7 Days) Will give you newer Plugins made available by Tenable Registered (Delayed 7 Days) Will give you newer Plugins made available by Tenable Direct Feed (Fee) ($1200/year) Will give you advanced plugins, including Compliance Checks, SCADA checks and others. Direct Feed (Fee) ($1200/year) Will give you advanced plugins, including Compliance Checks, SCADA checks and others.

12 12© 2007 Chuck Fullerton The Nessus Clients Linux ClientWindows Client

13 13© 2007 Chuck Fullerton Logging in to the Server

14 14© 2007 Chuck Fullerton Linux Client

15 15© 2007 Chuck Fullerton Client Plugins Tab

16 16© 2007 Chuck Fullerton Client Scan Preferences

17 17© 2007 Chuck Fullerton Preparing for your First Scan Nessus can cause problems in the target network. Ensure your client provides explicit permission before the start of scanning. Risks DoS DoS Missing Information Missing Information Printer issues if not configured correctly. Printer issues if not configured correctly.

18 18© 2007 Chuck Fullerton Creating a new Scan

19 19© 2007 Chuck Fullerton Reviewing the Data

20 20© 2007 Chuck Fullerton Saving the Report

21 21© 2007 Chuck Fullerton Reporting Options Many different Reporting Options NBE NBE Standard Nessus Format HTML HTML XML XML HTML with Pies and Graphs HTML with Pies and Graphs PDF PDF SQL (windows client only) SQL (windows client only)

22 22© 2007 Chuck Fullerton Interpreting Nessus Reports

23 23© 2007 Chuck Fullerton Tenable Compliance Checks Can check settings within Windows, Unix, Solaris, and Linux. File permissions, File presence File permissions, File presence User/Domain Settings User/Domain Settings Registry Settings Registry Settings Others. Others. User Configurable audit files. There is even an audit file creation tool for Windows.

24 24© 2007 Chuck Fullerton Other Tenable Products Log Correlation Engine (LCE) Correlate and alert on specific logs Correlate and alert on specific logs Passive Vulnerability Scanner (PVS) Now you can scan servers without the risk. Now you can scan servers without the risk. Security Center 3.2 (SC3) Manages Nessus3, LCE and PVS from one console. Manages Nessus3, LCE and PVS from one console. SC3 3DTool 3D Graphical tool to get your points across to management. 3D Graphical tool to get your points across to management.

25 25© 2007 Chuck Fullerton For More Information www.nessus.org www.tenablesecurity.com http://blog.tenablesecurity.com/ http://www.tenablesecurity.com/news/webinars.shtml http://mail.nessus.org/mailman/listinfo/

Download ppt "Vulnerability Assessments with Nessus 3 Columbia Area LUG January 10 2007."

Similar presentations

ActiveXperts Network Monitor Monitors servers, workstations and devices for availability Alerts and corrects.

ActiveXperts Network Monitor Monitors servers, workstations and devices for availability Alerts and corrects.
ActiveXperts Network Monitor Monitors servers, workstations and devices for availability Alerts and corrects.

ActiveXperts Network Monitor Monitors servers, workstations and devices for availability Alerts and corrects.
Host Hardening (March 21, 2011) © Abdou Illia – Spring 2011.

Host Hardening (March 21, 2011) © Abdou Illia – Spring 2011.
Red Hat Linux Network. Red Hat Network Red Hat Network is the environment for system- level support and management of Red Hat Linux networks. Red Hat.

Red Hat Linux Network. Red Hat Network Red Hat Network is the environment for system- level support and management of Red Hat Linux networks. Red Hat.
Vulnerability Analysis Borrowed from the CLICS group.

Vulnerability Analysis Borrowed from the CLICS group.
CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.

CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.
2004, Jei Nessus A Vulnerability Assessment tool A Security Scanner Information Networking Security and Assurance Lab National Chung Cheng University

2004, Jei Nessus A Vulnerability Assessment tool A Security Scanner Information Networking Security and Assurance Lab National Chung Cheng University
Optinuity Confidential. All rights reserved. C2O Configuration Requirements.

Optinuity Confidential. All rights reserved. C2O Configuration Requirements.
Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.

Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.
Nessus – A Vulnerability Scanning Tool SUNY Technology Conference June 2003.

Nessus – A Vulnerability Scanning Tool SUNY Technology Conference June 2003.
Hands-On Microsoft Windows Server 2003 Chapter 2 Installing Windows Server 2003, Standard Edition.

Hands-On Microsoft Windows Server 2003 Chapter 2 Installing Windows Server 2003, Standard Edition.
1 CCNA 4 v3.1 Module 6. 2 CCNA 4 v3.0 Module 6 Introduction to Network Administration.

1 CCNA 4 v3.1 Module 6. 2 CCNA 4 v3.0 Module 6 Introduction to Network Administration.
OpenVAS Vulnerability Assessment Group 5 Igibek Koishybayev; Yingchao Zhu ChenQian; XingyuWu; XuZhuo Zhang.

OpenVAS Vulnerability Assessment Group 5 Igibek Koishybayev; Yingchao Zhu ChenQian; XingyuWu; XuZhuo Zhang.
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.
Microsoft Baseline Security Analyzer INLS 187 Security Software Presentation by Hinár György Polczer

Microsoft Baseline Security Analyzer INLS 187 Security Software Presentation by Hinár György Polczer
1 Presentation ISS Security Scanner & Retina by Adnan Khairi 100183586.

1 Presentation ISS Security Scanner & Retina by Adnan Khairi
Maintaining and Updating Windows Server 2008

Maintaining and Updating Windows Server 2008
Patch Management Module 13. Module 2-421 You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A Operations vSphere Environment Introduction.

Patch Management Module 13. Module You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A Operations vSphere Environment Introduction.
Vulnerability Types And How to Use Them.

Vulnerability Types And How to Use Them.
Nikto LUCA ALEXANDRA ADELA. Nikto  Web server assessment tool  Written by Chris Solo and David Lodge  Released on December 27, 2001  Stable release:

Nikto LUCA ALEXANDRA ADELA. Nikto  Web server assessment tool  Written by Chris Solo and David Lodge  Released on December 27, 2001  Stable release:

Similar presentations

Ads by Google