How to identify Network Vulnerabilities using Nessus (Beginner Guide)

Every hackers or information security person is incomplete without a vulnerability scanner, especiallywithout Nessus vulnerability scanner. Because Nessus is a very powerful tool and world’s most popular vulnerability scanner and used by many companies and security professionals and also because it is free for personal use.

Nessus scans for following vulnerabilities:

  • Vulnerabilities that allow remote access.
  • Misconfiguration
  • Weak passwords
  • DOS (Denials of service) attack.
  • Help in PCI DSS (Payment Card Industry Data Security Standard) audits.
  • Mobile device audits
  • Customized reporting

 Installing Nessus

 Well, Nessus supports many different types of OS (Operating System) like different version Windows and Linux, Free BSD, Sun Solaris, etc.

So in this article, I’m using windows for installing Nessus.

You can download Nessus from here </ Nessus>

Download and install Nessus after that automatically Nessus will open in your browser with //locahost:8834 address if not then open your browser and type this address to setup Nessus. Click Continue

Create an account with administrator rights. You can also create more user accounts with administrative privilege account.

Now select your registration type and give Activation code which you will receive on your email account when you register and download Nessus from the official website.

Then click continue.

After that Nessus will start Downloading required things to perform a scan. It will take few minutes to complete if you have good internet speed.

After downloading and installation you will see Nessus web interface, where you will perform different types of scans.

To perform a scan click on New Scan.

Now there are many preset scanning templates for different types of environment.

Well, these are policies; on the basis of policy, we scan a network, cloud Infrastructure, web application and much more.

You can also create your own customized policy to perform scan according to your own requirement.

To create a customized policy click on Policythen click on New Policy.After that setting menu will appear here you have to set what you want to scan, ports, etc. Some of the policy required credentials to perform scan so, you have to provide credentials also.

Like here I created a policy for PCI DSS scan.

Like this you can create customized policy.

So now to perform a scan click on Scans and then New scan. After that select a preset template or you can also select, your customized policy to perform a scan. Here I’m selecting Advance Scan.

Now give a name to this scan, if you want to write some note related to this Vulnerability scan then type in Description section and then type the IP address of the target to perform vulnerability scanning. You can give a range of IP addresses also. Here we are performing a network vulnerability scanning.

Finally, LAUNCH you scan.

 After few minutes, Nessus will tell you about the vulnerabilities in your network. As you can see here Nessus found many vulnerabilities in one of my server in the network.

Basically Nessus uses the “Standard” CVSS (Common Vulnerability Scoring System) base for vulnerability scoring.

Here you can see Nessus found UnreallRCd Backdoor vulnerability and marked as CRITICALand CVSS score is 10.0. And exploits are also available online for this vulnerability.

Nessus also found Samba Badlock Vulnerability and marked as MEDIUM and CVSS score is 6.8. Even for this vulnerabilityexploits are available online.

In Remediation section, Nessus will tell you few countermeasures to protect and solve vulnerability on the network.

Author: AkshayBhardwaj is a passionate Ethical Hacker | Information Security Researcher | Technical writer. You can follow him on LinkedIn and Facebook

Leave a Reply

Your email address will not be published. Required fields are marked *