Vulnerability Assessments with Nessus 3

Columbia Area LUG

January 10 2007

Module Objectives
  • Learn how to Install and Configure Nessus3
  • Learn how to run a “vanilla” scan
  • Learn how to customize your scan for more effective results
  • Learn how to interpret and save the reports.

© 2007 Chuck Fullerton

Introduction to Nessus
  • Created by Renaud Deraison
  • Currently Maintained by Tenable Network Security
  • Uses the NASL scripting language for its plugins (currently over 13,000 plugins!)
  • Price is still free!
  • Register to obtain many more plugins (delivered with a 7-day delay).
  • Or purchase a Direct Feed for the latest and greatest, plus Compliance Checks!

Nessus Features
  • Client/Server Architecture
  • SSL/PKI supported
  • Smart Service Recognition
    • (e.g. an FTP server found listening on port 31337 is still recognised and tested as FTP)
  • Non-Destructive (safe checks) or Thorough Tests
  • Vulnerability Mapping to CVE, Bugtraq, and others
  • Vulnerability Scoring using CVSS (the scores published in NIST's NVD).

Nessus Features
  • Tons of Plugins
    • Port Scanning
    • Vulnerability Checks
    • Patch Audit Checks
    • Local Server Checks
    • Compliance Checks
    • SCADA Checks
    • Custom Checks (Write your own)

Nessus Architecture
  • Nessus uses a Client/Server Architecture
    • Server runs on Linux
    • Clients available for Linux and Windows
    • Nessus3 for Windows now available!
  • Clients connect to the Server using ports TCP/UDP 1241 by default

Ported Operating Systems
  • Nessus has been ported to the following operating systems:
    • Red Hat ES 3 & 4 **
    • Fedora 5 & 6
    • Debian 3
    • FreeBSD 4, 5, & 6
    • SUSE 9 & 10
    • Solaris 9 & 10
    • Windows 2003, XP (and soon Vista)**

**Officially supported by Tenable Network Security

Install Process
  • Uninstall any old versions of Nessus
  • Download the RPM, Deb or whatever package format your system uses. (Current GA version is 3.0.4.)
  • Prepare system for install
  • Install Nessus3
  • Make the crypto certificate
  • Add users
  • Scan away!

Preparing the System
  • Ensure your Host firewall allows for connection to TCP/UDP port 1241
  • Ensure you have updated versions of GTK and OpenSSL
  • Ensure your system date is accurate
  • Ensure your Internet Connection is available (For updates)

© 2007 Chuck Fullerton

installing nessus
Installing Nessus
  • rpm -ivh <nessusfilename>
  • /opt/nessus/sbin/add-first-user
    • Used mainly with other Tenable Products.
  • service nessusd start

Updating to the Latest Plugins
  • /opt/nessus/sbin/nessus-update-plugins
  • Licensing
    • Non-registered: only the GPL plugins that ship with the program
    • Registered (delayed 7 days): newer plugins as Tenable releases them to the registered feed
    • Direct Feed (fee, $1200/year): the latest plugins as soon as they are published, plus Compliance Checks, SCADA checks and others.
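The install and plugin-update steps from the last few slides, strung together for an RPM-based host with the preflight checks the "Preparing the System" slide asks for. This is an added example, not code from the presentation. It assumes the Nessus 3.0.x layout under /opt/nessus, that the certificate and user steps are done with nessus-mkcert and nessus-adduser (tool names assumed; the slides only name add-first-user), and the netstat text embedded in it is constructed test input, not captured from a real host.

```shell
#!/bin/sh
# nessus3-install.sh: preflight checks plus the install steps from the slides, for an
# RPM-based host. Added example, not from the presentation. Assumptions: Nessus 3.0.x
# lives under /opt/nessus; the certificate and user steps use nessus-mkcert and
# nessus-adduser (tool names assumed; the slides only name add-first-user).
NESSUS_PORT=1241     # default client -> nessusd port
MIN_OPENSSL=0.9.7    # assumed floor; check the release notes for the build you install

# version_ge A B: succeed when dotted version A >= B (numeric per field, so 3.0.10 > 3.0.4).
version_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -t. -k1,1n -k2,2n -k3,3n | tail -n 1)" = "$1" ]
}

# installed_version "<output of rpm -q Nessus>": print the installed version, or nothing.
#   "Nessus-3.0.3-es4"                -> 3.0.3
#   "package Nessus is not installed" -> (empty)
installed_version() {
    printf '%s\n' "$1" | sed -n 's/^[Nn]essus-\([0-9][0-9.]*\)-.*/\1/p'
}

# port_in_use PORT: read `netstat -ltn` output on stdin; succeed if PORT has a listener.
port_in_use() {
    awk -v pat=":$1\$" '$4 ~ pat && $6 == "LISTEN" { found = 1 } END { exit !found }'
}

# Constructed sample of `netstat -ltn` output (not captured from a real host).
SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN'

preflight() {
    old=$(installed_version "$(rpm -q Nessus 2>&1)")
    if [ -n "$old" ]; then
        echo "Nessus $old is already installed; remove it first (rpm -e Nessus)" >&2
        return 1
    fi
    if netstat -ltn 2>/dev/null | port_in_use "$NESSUS_PORT"; then
        echo "another service already listens on TCP $NESSUS_PORT" >&2
        return 1
    fi
    ossl=$(openssl version | awk '{ print $2 }')
    version_ge "$ossl" "$MIN_OPENSSL" || { echo "OpenSSL $ossl is older than $MIN_OPENSSL" >&2; return 1; }
    # The server certificate and the signed plugin feed both depend on a sane clock.
    echo "system time is $(date -u); confirm it against NTP before continuing" >&2
    # The host firewall must admit clients, e.g. iptables -I INPUT -p tcp --dport 1241 -j ACCEPT
    iptables -L INPUT -n 2>/dev/null | grep -q "dpt:$NESSUS_PORT" ||
        echo "warning: no INPUT rule for port $NESSUS_PORT found; remote clients may be blocked" >&2
}

install_nessus() {   # install_nessus Nessus-3.0.4-es4.i386.rpm
    rpm -ivh "$1"
    /opt/nessus/sbin/nessus-mkcert           # "make the crypto certificate" (assumed tool name)
    /opt/nessus/sbin/nessus-adduser          # interactive: login, password, scan rules (assumed)
    service nessusd start
    /opt/nessus/sbin/nessus-update-plugins   # needs a registration or Direct Feed code
}

case "${1:-}" in
    --install)   preflight && install_nessus "$2" ;;
    --selfcheck) printf '%s\n' "$SAMPLE_NETSTAT" | port_in_use "$NESSUS_PORT" \
                     && echo "port $NESSUS_PORT busy in sample" || echo "port $NESSUS_PORT free in sample" ;;
esac
```

Run it as `sh nessus3-install.sh --install Nessus-3.0.4-es4.i386.rpm`; the checks are split out as functions that take their input as arguments so they can be exercised without touching the host (`--selfcheck`).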

The Nessus Clients

Linux Client

Windows Client

Logging in to the Server

Linux Client

Client Plugins Tab

Client Scan Preferences

Preparing for your First Scan
  • Nessus can cause problems on the target network. Get explicit (ideally written) permission from the client before the scan starts.
  • Risks
    • DoS: checks that are not marked "safe" send real attack payloads and can crash fragile services.
    • Missing information: a scan tuned to be gentle (safe checks, limited ports, no credentials) can miss vulnerabilities, so a clean report is not proof of a clean host.
    • Printers and similar embedded devices can lock up or print garbage if the scan is not configured to avoid them.
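An unattended scan that enforces the non-destructive choice above, as an added example that is not part of the presentation. It assumes the Nessus 3 command-line client at /opt/nessus/bin/nessus with its batch mode (-q), and the .nessusrc section and key names written below; confirm those against `nessus -P` (list preferences) on your own server before relying on them.

```shell
#!/bin/sh
# nessus3-batch-scan.sh: unattended Nessus 3 scan that refuses to run with safe checks off.
# Added example, not from the presentation. Assumes the Nessus 3 command-line client at
# /opt/nessus/bin/nessus with its batch mode (-q) and the .nessusrc section/key names
# below (assumed; verify with `nessus -P` on your server).
NESSUS_BIN=/opt/nessus/bin/nessus
NESSUS_PORT=1241

# write_scan_rc FILE: client config for a non-destructive first scan.
# safe_checks=yes makes plugins rely on banners/versions instead of sending the payload
# that would actually crash the service (the DoS risk from the slide); ping_hosts skips
# dead addresses; max_hosts/max_checks keep the load on the target network modest.
write_scan_rc() {
    cat > "$1" <<'EOF'
begin(SERVER_PREFS)
 safe_checks = yes
 ping_hosts = yes
 optimize_test = yes
 port_range = 1-65535
 max_hosts = 10
 max_checks = 3
end(SERVER_PREFS)
EOF
}

# rc_is_safe FILE: succeed only if safe_checks is switched on in FILE.
rc_is_safe() {
    grep -q '^[[:space:]]*safe_checks[[:space:]]*=[[:space:]]*yes[[:space:]]*$' "$1"
}

# run_scan SERVER USER PASS TARGETS_FILE OUT_FILE [RCFILE]
#   -q batch mode, -c client config, -T nbe output format, -x skip the server-certificate
#   check (drop -x once the client has nessusd's certificate pinned). The password is
#   visible in the process list, so use a dedicated scan account.
run_scan() {
    rc=${6:-$HOME/.nessusrc}
    rc_is_safe "$rc" || { echo "refusing to scan: safe_checks is not 'yes' in $rc" >&2; return 1; }
    "$NESSUS_BIN" -q -x -c "$rc" -T nbe "$1" "$NESSUS_PORT" "$2" "$3" "$4" "$5"
}

# Usage: nessus3-batch-scan.sh nessus-server.example.com scanuser 'pass' targets.txt out.nbe
if [ $# -ge 5 ]; then
    rc=$(mktemp) && write_scan_rc "$rc" && run_scan "$1" "$2" "$3" "$4" "$5" "$rc"
fi
```

The guard in run_scan is the point: whatever someone later edits into the rc file, the script will not launch with safe checks off, so a scheduled scan cannot silently turn into the DoS the slide warns about.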

Creating a new Scan

Reviewing the Data

Saving the Report

Reporting Options
  • Many different Reporting Options
    • NBE
      • The native Nessus format: pipe-delimited text, easy to diff and post-process
    • HTML
    • XML
    • HTML with Pies and Graphs
    • PDF
    • SQL (Windows client only)
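Because NBE is plain pipe-delimited text it is the format to keep for automation. The script below, an added example that is not from the presentation, does a first-pass triage of an .nbe file with awk: findings per host by severity, then the list of Security Holes. The embedded report is constructed sample data with placeholder plugin ids and descriptions, not real findings.

```shell
#!/bin/sh
# nbe-triage.sh: first-pass triage of a Nessus .nbe report from the shell.
# Added example, not from the presentation. NBE is pipe-delimited text; a result line is
#   results|<subnet>|<host>|<port>|<plugin id>|<severity>|<description>
# (severity is "Security Hole", "Security Warning" or "Security Note"; newlines inside the
# description are stored as the two characters "\n"), and "timestamps|..." lines bracket
# the scan and each host.

# nbe_summary: read NBE on stdin, print one line per host with counts by severity.
nbe_summary() {
    awk -F'|' '
        $1 == "results" {
            total[$3]++
            if ($6 == "Security Hole") hole[$3]++; else if ($6 == "Security Warning") warn[$3]++
        }
        END {
            for (h in total)
                printf "%s holes=%d warnings=%d notes=%d\n",
                       h, hole[h] + 0, warn[h] + 0, total[h] - hole[h] - warn[h]
        }' | sort
}

# nbe_holes: host, port and plugin id of every Security Hole, sorted, for the fix list.
nbe_holes() {
    awk -F'|' '$1 == "results" && $6 == "Security Hole" { print $3, $4, $5 }' | sort
}

# Constructed sample report (placeholder plugin ids and text, not real findings).
SAMPLE_NBE='timestamps|||scan_start|Wed Jan 10 19:00:00 2007|
timestamps||10.0.0.5|host_start|Wed Jan 10 19:00:01 2007|
results|10.0.0|10.0.0.5|ssh (22/tcp)|10001|Security Note|An SSH server is listening on this port.
results|10.0.0|10.0.0.5|ftp (21/tcp)|10002|Security Warning|Anonymous FTP login is permitted.
results|10.0.0|10.0.0.5|ftp (21/tcp)|10003|Security Hole|Placeholder remotely exploitable FTP flaw.\nSolution : upgrade the FTP server.
results|10.0.0|10.0.0.9|www (80/tcp)|10004|Security Note|A web server is listening on this port.
timestamps||10.0.0.5|host_end|Wed Jan 10 19:04:30 2007|
timestamps|||scan_end|Wed Jan 10 19:05:00 2007|'

# Usage: nbe-triage.sh scan.nbe   (with no argument, runs on the constructed sample)
if [ -n "${1:-}" ]; then
    nbe_summary < "$1"; echo; nbe_holes < "$1"
else
    printf '%s\n' "$SAMPLE_NBE" | nbe_summary
fi
```

Keep the .nbe from each scan and diff the output of nbe_holes between runs: a hole that disappears was fixed (or the host was down, which the timestamps lines will tell you), and a new one is the item for this week's ticket.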

Interpreting Nessus Reports

Tenable Compliance Checks
  • Can check settings within Windows, Unix, Solaris, and Linux.
    • File permissions, File presence
    • User/Domain Settings
    • Registry Settings
    • Others.
  • User Configurable audit files.
  • There is even an audit file creation tool for Windows.
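As an added illustration of the "user configurable audit files" above (not from the presentation), a minimal Unix audit file for the file-permission and file-presence checks the slide lists. The syntax is written from memory of the Nessus 3 compliance plugin's .audit format and the two check types and field names are assumptions to confirm against Tenable's audit documentation for your feed.

```text
<check_type:"Unix">

<custom_item>
type: FILE_CHECK
description: "/etc/shadow is owned by root and readable by root only"
file: "/etc/shadow"
owner: "root"
mode: "0400"
</custom_item>

<custom_item>
type: FILE_CHECK_NOT
description: "No legacy rhosts-style trust file is present"
file: "/etc/hosts.equiv"
</custom_item>

</check_type>
```

Each custom_item produces a pass or fail finding in the report rather than a vulnerability, so the same scan that finds missing patches also records configuration drift against the baseline you wrote.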

Other Tenable Products
  • Log Correlation Engine (LCE)
    • Correlate and alert on specific logs
  • Passive Vulnerability Scanner (PVS)
    • Finds vulnerabilities by sniffing network traffic instead of probing, so servers are assessed without the risk of an active scan.
  • Security Center 3.2 (SC3)
    • Manages Nessus3, LCE and PVS from one console.
  • SC3 3DTool
    • 3D Graphical tool to get your points across to management.

For More Information
  • www.nessus.org
  • www.tenablesecurity.com
  • http://blog.tenablesecurity.com/
  • http://www.tenablesecurity.com/news/webinars.shtml
  • http://mail.nessus.org/mailman/listinfo/
