Nessus Vulnerability Scanning Tutorial configuration Nessus

Source: Internet
Author: User


Once Nessus is installed successfully, you can use it to perform vulnerability scans. To help you use the tool more effectively, this section describes its main settings, such as starting the service, software updates and user management.

Start the Nessus service

After the Nessus service is installed, it starts automatically by default. If you restart the system for other reasons, or shut down the Nessus service, you will need to start the service again before using it.

The following describes how to start the Nessus service on different operating systems.

1. Start the Nessus service on Windows

The steps for starting the Nessus service on Windows are as follows:

(1) Open the Windows Services window. Click the Run command in the Windows Start menu to open the Run dialog box, shown in Figure 1.22.


Figure 1.22 Run dialog box

(2) In the dialog box, enter "services.msc" and click the "OK" button to open the "Services" window, shown in Figure 1.23.


Figure 1.23 Services window

(3) Locate the "Tenable Nessus" service in the Name column. From here you can manage the service: stop it, start it, or restart it.

On Windows, you can also stop or start the Nessus service from the command line. For example, to stop the Nessus service, run the following command:

    C:\Users\Administrator>net stop "Tenable Nessus"
    The Tenable Nessus service is stopping.
    The Tenable Nessus service was stopped successfully.

From the output above, you can see that the Nessus service stopped successfully. To start the Nessus service, run the following command:

    C:\Users\Administrator>net start "Tenable Nessus"
    The Tenable Nessus service is starting.
    The Tenable Nessus service was started successfully.

From the output above, you can see that the Nessus service started successfully.

2. Start the Nessus service on Linux

To start the Nessus service on Linux, run the following command:

    [root@localhost ~]# service nessusd start
    Starting Nessus services:                                  [  OK  ]

From the output above, you can see that the Nessus service started successfully.

If you are unsure whether the service is running, you can check its status with the following command:

    [root@localhost ~]# service nessusd status
    nessusd (pid 5948) is running...

From the output above, you can see that the Nessus service is running.

Nessus Software Updates

For a Nessus vulnerability scan to be effective, it is important to check for updates and bring the plugins up to date before scanning, so that the latest vulnerabilities are covered. The following example, on Windows, describes how to update the plugins.

1. Online Updates

Demo sample 1-3: update the Nessus plugins on Windows. The detailed steps are as follows:

(1) Log in to the Nessus service. In a browser on Windows, enter https://IP:8834/ in the address bar; the interface in Figure 1.24 opens.


Figure 1.24 Certificate is not trusted

(2) Select the "Continue browsing this site (not recommended)" option in this interface; the interface in Figure 1.25 opens.


Figure 1.25 Login interface    Figure 1.26 Nessus login interface

(3) Enter the username and password of the account that manages the Nessus service, then click the Sign In button.

After the login succeeds, the interface in Figure 1.26 is displayed.

(4) Click the small triangle in the upper-right corner of the interface; a menu pops up, shown in Figure 1.27. On the menu, click the Settings command to open the Settings screen, shown in Figure 1.28.


Figure 1.27 Menu bar    Figure 1.28 Settings interface

(5) In the left sidebar of the interface there are two sub-options, Overview and Software Update. Figure 1.28 shows the information under the Overview option, which includes the Nessus version number, connection time, platform, last update time, activation code, and so on. To perform a software update, select the Software Update option; the interface in Figure 1.29 is displayed.


Figure 1.29 Software update    Figure 1.30 Updating software manually

(6) In this interface, under Automatic Updates, there are three update modes: Update all components, Update plugins, and Disabled (no updates). Choose whichever mode suits you. Nessus also lets you specify a custom host from which plugin updates are fetched. For example, to fetch plugins from the host at IP address 192.168.1.100, enter 192.168.1.100 in the Custom Host text box. If you do not want automatic updates, you can also update manually: click the Manual Software Update button in the upper-right corner of the interface to display the interface in Figure 1.30.

(7) Three update options are available: Update all components, Update plugins, and Upload your own plugin archive. After choosing the desired option, click the Continue button to start the update. When the update is complete, the bell icon in the upper-right corner reports that the update succeeded, shown in Figure 1.31.


Figure 1.31 Software update succeeded    Figure 1.32 Generating a challenge code

2. Offline Update

The update methods described above are online updates, which require a working network connection to the Internet. If the Nessus host cannot reach the Internet, you can use the offline update mode instead, which does not require the Nessus system to be connected to the Internet. The following describes how to update offline.

Demo sample 1-4: update the plugins offline, using Windows 7 as the example.

(1) Obtain an activation code. An activation code can only be used once, so if the service needs to be activated again, you must obtain a new activation code.

(2) Generate a challenge code. Run the following command:

    C:\Program Files\Tenable\Nessus>nessuscli.exe fetch --challenge

When you run the command above, you see the result shown in Figure 1.32.

Tip: On Linux, run the following command instead:

    [root@localhost ~]# /opt/nessus/sbin/nessuscli fetch --challenge

(3) The generated challenge code is shown in the output. Next, download the Nessus plugins offline: open https://plugins.nessus.org/v2/offline.php in your browser; when the page loads successfully, you see the interface in Figure 1.33.

(4) Enter the challenge code obtained in step (2) in the first text box and the activation code in the second text box, then click the Submit button to start downloading the plugins.

This page provides plugins for version 6.3 and later. If you need plugins for a version earlier than 6.3, click the "here" link indicated by the arrow in the figure, which jumps to another page, shown in Figure 1.34.


Figure 1.33 Offline plugin download    Figure 1.34 Downloading plugins for older versions

(5) This page shows the same content as Figure 1.31. Enter the challenge code and activation code here in the same way to obtain the plugins for the old version.

User Management in Nessus

User management is an additional feature of Nessus. In a large enterprise environment, or wherever several people use Nessus, user management is very practical: administrators can assign different permission levels to the various scan users.

Nessus provides two user roles: administrator and standard (normal user).

Users with the administrator role can access all Nessus functions, while users with the standard role are restricted from some functions, such as software updates, user management and advanced settings. The following describes how to manage users in Nessus.

1. Create a new user

Select the Accounts tab in the Nessus Settings screen to display the interface in Figure 1.35.


Figure 1.35 Account settings interface    Figure 1.36 New user

Click the New User button in the upper-right corner of the interface to open the interface in Figure 1.36.

Enter the username and password for the user you want to create. The User Role drop-down has two options, Standard and System Administrator: Standard creates a normal user, and System Administrator creates an administrator user. Then click the Save button; the interface in Figure 1.37 is displayed.


Figure 1.37 User list interface    Figure 1.38 Deleting a user

From this interface, you can see that the user has been created successfully, with the Standard role.

2. Delete a user

When a user is no longer needed for Nessus scans, it can be deleted. The steps are as follows:

(1) Open the user settings interface, shown in Figure 1.31.

(2) Select the user to delete in the interface and click the cross icon after the username to delete the user. Alternatively, tick the check box in front of the username; a Delete button then appears to the left of the search box, shown in Figure 1.38. Click the Delete button to display the interface in Figure 1.39.


Figure 1.39 Confirm deleting the user    Figure 1.40 Edit user interface

The interface asks you to confirm that you want to delete the user. If you are sure, click the Delete button to delete the user.

3. Change an existing user's role

To change a user's role, click the user in the user interface (Figure 1.31). For example, to edit the user named user, click it; the interface in Figure 1.40 is displayed.

From this interface, you can see that the user's role is Standard. Click the small triangle behind the User Role text box to choose a different role.

For example, change it to the System Administrator role; the interface in Figure 1.41 is displayed.


Figure 1.41 Changing the user role    Figure 1.42 Changing the password

At this point the user role has been changed. Next, click the Save button to save the settings; otherwise the change does not take effect.

4. Change a user's password

Passwords are also changed in the user settings interface. Click the user whose password you want to change, then click the Change Password tab in the left sidebar to display the interface in Figure 1.42.

In this interface, enter and confirm the new password, then click the Save button to change the user's password.

Communication settings in Nessus

The communication settings are found in the Communication tab of the Settings options. This tab has two groups of settings, Proxy Server and SMTP Server. The following describes how each is configured.


Figure 1.43 Proxy server settings interface    Figure 1.44 SMTP server settings interface

1. Proxy Server

The proxy server setting is used to forward HTTP requests. If your network requires a proxy, Nessus uses this setting for plugin updates and for communicating with remote scanners. The proxy is configured as follows:

(1) In the Settings interface, select the Communication tab; the interface in Figure 1.43 is displayed.

As you can see from this interface, there are five fields in total, but only Host and Port are required; Username, Password and User-Agent are optional. The meaning of each field is as follows:

    • Host: the hostname or IP address of the proxy server.
    • Port: the port number used to connect to the proxy server.
    • Username: the username used to connect to the proxy server.
    • Password: the password of that proxy username.
    • User-Agent: set this field if the proxy server filters on a specific HTTP user agent; it is mainly used when you define your own proxy string.

2. SMTP Server

SMTP (Simple Mail Transfer Protocol) is the standard for sending mail. Once the SMTP server is configured, Nessus sends scan results to the recipients specified in the Email Notifications option. The SMTP server is configured in the interface shown in Figure 1.44.

Each field of the SMTP server settings interface is described below:

    • Host: the hostname or IP address of the SMTP server.
    • Port: the port number used to connect to the SMTP server.
    • From (sender email): the email address from which scan reports are sent.
    • Encryption: the encryption method used for the mail connection. Nessus offers three options, Force SSL, Force TLS and Use TLS if available; by default No Encryption is used.
    • Hostname (for email links): the hostname or IP address of the Nessus server, used in the links inside the emails.
    • Auth Method: the authentication method for the SMTP server. Nessus provides five options, PLAIN, LOGIN, NTLM, CRAM-MD5 and NONE; by default no authentication is used (NONE).
    • Username: the username used to authenticate to the SMTP server.
    • Password: the password of that SMTP user.

Tip: in the SMTP server settings interface, the Username and Password fields are shown only when an authentication method other than NONE is selected.
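Scan reports mailed by Nessus list the findings for every scanned host, so the Encryption and Auth Method choices above decide whether those reports and the SMTP password cross the network in cleartext. The following Python is an added example, not part of the tutorial or of Nessus: it audits a set of SMTP settings using the field names and option values listed above; the weakness rules and the hardened values are this example's own assumptions.

```python
# Added example (not from the tutorial): audit the SMTP settings described above
# before Nessus starts mailing scan reports. Field names mirror the Communication
# tab; the rules that flag a setting as weak are this example's own assumptions.
from dataclasses import dataclass

ENCRYPTION = ("Force SSL", "Force TLS", "Use TLS if available", "No Encryption")
AUTH = ("NONE", "PLAIN", "LOGIN", "NTLM", "CRAM-MD5")


@dataclass
class SmtpSettings:
    host: str
    port: int
    sender: str                        # "From (sender email)"
    encryption: str = "No Encryption"  # Nessus default
    hostname_for_links: str = ""       # "Hostname (for email links)"
    auth_method: str = "NONE"          # Nessus default
    username: str = ""
    password: str = ""


def audit_smtp(s: SmtpSettings) -> list:
    """Return a list of findings; an empty list means nothing weak was spotted."""
    auth = s.auth_method.upper()
    if s.encryption not in ENCRYPTION or auth not in AUTH:
        return ["unknown Encryption or Auth Method value"]
    findings = []
    # A report lists every finding on every host, so it needs the same protection
    # in transit as the vulnerability data stored inside Nessus.
    if s.encryption == "No Encryption":
        findings.append("reports sent in cleartext; use Force TLS or Force SSL")
    elif s.encryption == "Use TLS if available":
        findings.append("opportunistic TLS silently falls back to cleartext; prefer Force TLS")
    # PLAIN and LOGIN only base64-encode the password, so they need a mandatory
    # TLS layer; CRAM-MD5 and NTLM at least avoid sending it verbatim.
    if auth in ("PLAIN", "LOGIN") and s.encryption in ("No Encryption", "Use TLS if available"):
        findings.append(f"{auth} auth without mandatory TLS exposes the SMTP password")
    if auth != "NONE" and not (s.username and s.password):
        findings.append("Auth Method set but Username/Password empty")
    # Port 465 is implicit TLS, which Nessus calls Force SSL.
    if s.port == 465 and s.encryption != "Force SSL":
        findings.append("port 465 expects Force SSL")
    if not s.hostname_for_links:
        findings.append("Hostname (for email links) empty; links in reports will not resolve")
    return findings


if __name__ == "__main__":
    # Constructed sample: the Nessus defaults plus PLAIN auth on port 25.
    weak = SmtpSettings("smtp.example.com", 25, "nessus@example.com",
                        auth_method="plain", username="nessus", password="secret")
    for line in audit_smtp(weak):
        print("WEAK:", line)
```

Run it against your own Communication tab values; an empty result from audit_smtp means Force TLS or Force SSL is in use with credentials supplied and a hostname for the report links.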

This article is excerpted from the Nessus Vulnerability Scanning Basic Tutorial (Daxueba internal training material); please indicate the source when reproducing it.
