Oct 14, 2018
1 0

How to Scan for Vulnerabilities with Nessus

Written by
Welcome back, my tenderfoot hackers! Generally, you will want to perform a vulnerability scan before doing a penetration test. Vulnerability scanners contain a database of all known vulnerabilities and will scan your machine or network to see whether those vulnerabilities appear to exist. If they do, it is your job to test whether they are real and can be exploited.Vulnerability scanners are notorious for throwing false positives. These are found vulnerabilities by the scanner that is not really there. If vulnerability scanners could accurately detect vulnerabilities, then who would need pentesters?Among the most widely used vulnerability scanners on the market is Nessus. It has become a kind of standard for vulnerability scanners. Originally begun as an open-source project, it was purchased by Tenable and is now a commercial product. Despite this, Nessus still has a “home” vulnerability scanner that they give away for free, and you can use it for up to 16 IP addresses. That’s what we will be using here.

As a hacker, if you can do a vulnerability scan on an internal network, you will have a database of all the potential vulnerabilities on the network. Then, you simply need to find the proper exploit to take advantage of it. Unfortunately, vulnerability scanners are very “noisy” and a vigilant security/network admin will detect it. Fortunately, not all organizations have a vigilant security/network admin.

Although Nessus has been around for quite awhile, the U.S. government has only recently switched over to Nessus for all their vulnerability scanning. Nearly every federal office and U.S. military base around the world now uses Nessus to scan for vulnerabilities. This could be useful information.

READ ALSO  Understating asymmetric and symmetric key cryptography, hash functions, MITM attacks, Salts, Bruteforce attacks and more

Vulnerability scanners are not perfect. They cannot detect zero-days, and like AV software, their database needs to be updated daily to be accurate. Probably the greatest limiting factor in using vulnerability scanners are the false positives. These scans may produce hundreds of potential vulnerabilities and usually less than 10% are actual vulnerabilities. That’s why companies and institutions still need white hat hackers—to separate out the false positives from the true positives. When they no longer produce false positives, penetration testers will be unemployed, but I don’t expect to see that in my lifetime.

As a white hat hacker/pentester, you need to be familiar with vulnerability scanners. Since Nessus is the most widely used one, let’s try it out. For those of you who might want a vulnerability scanner that integrates into Metasploit, consider Rapid7’s Nexpose

Step 1Installing Nessus

To begin, we need to download Nessus from the Tenable website. Tenable does not make it easy to find their free, home version, but you can find it right here.

Tenable requires that you register to get their free application, so you will need to give them an email address to receive an activation code.

When you click on “Register,” select the “Download” button to visit the downloads page, where it asks what operating system you are using. In my case, I downloaded the 64-bit Windows 7 version. Of course, download the version appropriate to your operating system and architecture.

After choosing the right file, Nessus will download an installer package to your computer. Double-click on it, and it should be fairly intuitive from there to complete the installation process.

READ ALSO  If devices are connected to the same switch but are in different subnets do they share the same gateway?

Step 2Getting Nessus Working

After the installation is complete, Nessus will open your default browser with the message like that below. Nessus is built with a client/server architecture. You have installed your server on localhost and the browser represents the client. In reality, you can access the Nessus server from any system via a web browser.

You are likely to get a message that says “Your connection is not secure.” Click on “Advanced.”

Then, enter an exception for the Nessus connection on port 8834.

Step 3Setting Up Nessus

Now we are ready to start using Nessus to find vulnerabilities.

You will need to first set up an account. This is the account that you will use to log into the Nessus server.

After entering your username and your password (this username and password is only for Nessus), you are ready to activate Nessus. Go back to your email and retrieve the activation code that Nessus sent you and enter it when prompted.

When done, Nessus will begin to download all the updates and plugins necessary to find vulnerabilities on your network. Be patient, as this can take awhile.

Step 4Starting Your Vulnerability Scan

When Nessus has completed its update, you will be greeted with a screen like that below. Click on “New Scan.”

This opens a new screen giving you choices as to the type of scan you want to execute. Note that some of the scans can only be done with an upgrade. Let’s click on “Basic Network Scan.”

This opens a screen like that below, which asks you to name your scan and enumerate your targets.

READ ALSO  SQL Injection Vulnerabilities and How to Prevent Them

I simply named it “First Scan” and had it scan my local network at You can name yours whatever you like, but make certain to use the IPs on your network, then click “Save.”

Now, click on the “Launch” button to start the vulnerability scan.

Step 5Viewing Your Vulnerability Results

When the vulnerability scan is complete, it will list each of the hosts by IPs scanned, and the associated risks to each. The risks are color coded, with the burnt orange being the most critical.

Click on “Vulnerabilities” in the top-line menu to display all the vulnerabilities found on the network.

When an individual vulnerability is selected, it displays more detail on that particular vulnerability. My “CodeMeter” vulnerability is shown below.

Finally, results can be saved in several different formats for reporting purposes. Click on the “Export” tab to pull down a menu with:

  • Nessus
  • PDF
  • HTML
  • CSV
  • Nessus DB

In my case, I chose PDF; a menu pops up with the name of the file, and asks which program to open it up with.

Nessus has become the de facto standard in vulnerability scanners, and every white hat hacker should be familiar with it. It is capable of finding known vulnerabilities, but its limitation, like all vulnerability scanners, are false positives. Once the white hat hacker has this list of vulnerabilities, they need to test each of them to determine if they are actual vulnerabilities or not.

Keep coming back, my tenderfoot hackers, as we learn the technologies and techniques of the most important skill set of the 21st century—hacking!

Article Tags:
· ·
Article Categories:
Hacking · Master Hack


Comments to How to Scan for Vulnerabilities with Nessus

  • Ou Trouver Cialis 20 Acheter Sildenafil How To Buy Colchicine Online With No Rx [url=http://orderlevi.com]levitra online no prescription[/url] Kemadrin El Cialis Funciona Mejor Que El Viagra Buy Propecia Forum Healty Man Buy Hczt Priligy Rezeptfrei Kaufen [url=http://buyviaa.com]generic viagra[/url] Viagra 6 Free Sample Chloroquin Keflex Interactions With Other Medications Keflex Expansion Compensators Cialis Vendita On Line Viagra Pharmacie Sans Ordonnance [url=http://bestviaonline.com]viagra[/url] Erfahrungsbericht Viagra 50 Acide Clavulanique Biogaran Enfant Cialis In Brasile [url=http://cheapciali.com]cialis 20mg price at walmart[/url] What The Diffencebetween Venlafaxine Does Keflex Make Your Heart Race Cialis Est Il Vendu Sans Ordonnance Zithromax Uk Buy [url=http://buycialonline.com]cialis[/url] Cialis Online 5 Mg Canadian Drugs No Prescription [url=http://catabs.com]priligy farmacia ahumada[/url] Cymbalta Prix Du Kamagra Pfizer Cialis Comprar En Farmacia

    JeaInorse December 31, 2018 11:20 pm Reply
  • Cialis Alcolici Propecia Effects On Women Oral Accutane 40 Mg Online [url=http://cialibuy.com]where to buy cialis online safely[/url] Where To Buy Levitra Cheap Cheap Acyclovir Levitra Composicion Generic Cialis With Dapoxetine [url=http://bpdrug.com]priligy erectile dysfunction[/url] Amoxicillin Absorbtion Amount India Pharamcy Zoloft Generic Cialis For Sale [url=http://erxbid.com]precio de cialis generico en aguascalientes[/url] Fast Ship Cnaadian Viagra Viagra Cialis Online Pharmacy [url=http://elc4sa.com]viagra[/url] Fedex Shipping Clobetasol Mastercard Low Price Buy Viagra In Indonesia [url=http://euhomme.com]buy cialis[/url] Amoxicillin Protocols Amoxicillin Genital Tract [url=http://viapill.com]viagra[/url] Viagra Ligne Suisse Viagra Estuvo Aqui

    JeaInorse January 16, 2019 2:33 am Reply
  • Benicar Efectos Secundarios [url=http://catabs.com]cuando tomar priligy[/url] Amoxicillin For Strep Diflucan Online Florida Acyclovir No Script Canada Zithromax Dose Pediatric Cytotec 200pg Pharmacie En Ligne [url=http://buycialcheap.com]cialis 20mg for sale[/url] Purchasing Real Acticin Scabies Medication With Overnight Delivery Canadian Pharmacy Levetra Amoxicillin Trk Clv 800mg Viagra Propecia Galenica [url=http://sildenaf50.com]viagra[/url] Amoxicillin Solution 1841 Finasteride 1mg No Prescription Purchase Tadalafil Online Viagra For Men Price In Kolkata 390 Liquid Amoxicillin Dosage [url=http://avdrug.com]cout du levitra 20mg[/url] Propecia Buy Uk Hair Follicles Provera Shop Levitra Im Internet Bestellen Cephalexin 750 Mg Acheter Baclofene Sur Internet [url=http://leviinusa.com]generic levitra professional 20 mg[/url] Amoxicillin And Tetracycline Dogs Cephalexin 250 Mg Canada

    JeaInorse January 22, 2019 8:52 am Reply
  • Fluoxetine With Overnight Delivery Onadron [url=http://levitab.com]low cost levitra[/url] Levitra Blindness Baclofene En Suisse Priligy Mexico Costo [url=http://genericvia.com]viagra online pharmacy[/url] Real Levaquin Discount Low Price Online Como Comprar Finasteride Propecia Cialis Posologia 20 Mg Impetigo Amoxicillin [url=http://66pills.com]viagra[/url] Clomid Ado Acticin Pills Abilify Via Mail Order Nausea Generic Propecia Finasteride [url=http://sildenaf100.com]viagra online pharmacy[/url] Cialis 20mg Kosten Adverse Effect Of Amoxicillin For Elderly Marcas De Propecia Propecia Online Price [url=http://uscagsa.com]cialis 40 mg[/url] Xenical Donde Compro Online Usa Dose Of Amoxicillin For Sinus Infection Valtrex Online Uk

    JeaInorse January 31, 2019 4:17 am Reply
  • Viagra Efectos Secundarios Comunes Candian No Script Pharmacy [url=http://levicost.com]is it safe to buy levitra on line[/url] Viagra Prix Pharmacie Forum Isotretinoin Order Now Free Consultation Comprar Priligy Online Espana Keflex And Vaginitis Viagra Generika Rezeptfrei [url=http://cialviag.com]online cialis[/url] Cialis Werbung Belgio Prezzo Kamagra Cialis Spermienqualitat

    JeaInorse February 7, 2019 7:19 am Reply
  • Buy Propecia Fda Approved [url=http://ciali5mg.com]cialis for sale[/url] Clomid Absence Ovulation Discount On Line Doxycycline

    JeaInorse February 18, 2019 11:36 am Reply
  • Pingback: apex legends newsy

  • Propaganda De Kamagra Strep Throat Amoxil Canadianhealthandcaremallviagra [url=http://leviinusa.com]40 mg levitra pills on line for sale[/url] Amoxicillin Animals Cheap Brand Name Viagra Online

    JeaInorse March 10, 2019 2:09 am Reply
  • Pingback: UK Chat Rooms

  • Pingback: led displays

  • Pingback: afscmelocal590.org

  • Pingback: รับทำเว็บไซต์

  • Eroxim Kamagra [url=http://xbmeds.com][/url] Flagyl Online In Uk Viagra For Man

    JeaInorse March 26, 2019 8:42 pm Reply

Leave a Reply

Your email address will not be published. Required fields are marked *