Penetration Testing — Vulnerability Scanning with Nessus

Can Özkan
Feb 11, 2024

Nessus is a widely used vulnerability scanning and assessment tool developed by Tenable Network Security. It is designed to help security professionals and system administrators identify and address security vulnerabilities in networks, systems, endpoints, and applications. Nessus is known for its comprehensive vulnerability database, extensive scanning capabilities, and reporting features.

Scanning with Nessus

Nessus scans for vulnerabilities by actively probing devices, hosts, and applications for known security weaknesses. It covers a wide range of issues, including missing patches, misconfigurations, and weak passwords.

Plugin Architecture

Nessus operates on a plugin architecture, allowing users to extend its capabilities with additional plugins. These plugins define the checks and tests performed during a scan, and the Nessus plugin feed is regularly updated with new checks as new vulnerabilities are disclosed.

Remote vs Local Scanning

Nessus supports both remote and local scanning. Remote scanning involves assessing networked devices from a centralized Nessus server, while local scanning involves installing the Nessus agent on individual systems for more granular assessments.

Compliance Checks

Nessus includes compliance checks to assess systems against industry standards and regulatory frameworks. This feature helps organizations ensure their systems adhere to specific security benchmarks and compliance requirements.

Scanning Templates

Nessus offers pre-configured scanning templates tailored for different types of assessments, such as full audits, web application scanning, and compliance checks. Users can also create custom templates to meet specific requirements.

Policy Auditing

Nessus enables users to perform policy audits to evaluate the effectiveness of security policies and configurations within an organization. It helps identify deviations from established security baselines.

Installation

For the purposes of this blog post, I will use Nessus Essentials, as it is free to register for and install. Upon registering for Nessus, you will receive a product key that is required during installation. Since I use Kali Linux for this blog post, I downloaded and installed the .deb package of the Nessus installer. You can run the dpkg command to install the package. Then you must start the Nessus service with either the systemctl or the service utility. The installation process is shown below.

Next, you create an account.

Above is the default Nessus screen.

My humble personal advice is always to check “stop scanning hosts that become unresponsive during the scan” and “slow down the scan when network congestion is detected,” as depicted below, to prevent unexpected and undesired outcomes while Nessus is scanning the target.

First Scan

Navigate to “advanced scan” and fill out the necessary parameters.
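Once the advanced scan finishes, Nessus can export the results as a .nessus (v2) XML file. The following is an added Python example (not part of the post, and not Tenable's code) that parses such an export and ranks the findings by severity so that High and Critical items are remediated first; the embedded sample export, its plugin IDs and plugin names are constructed for the demonstration.

```python
import xml.etree.ElementTree as ET
from collections import Counter

SEVERITY = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}  # ReportItem/@severity codes

# Constructed sample .nessus v2 export for demonstration; plugin IDs and names are made up
SAMPLE_NESSUS = """<NessusClientData_v2><Report name="First Scan">
<ReportHost name="192.0.2.10"><HostProperties/>
<ReportItem port="445" svc_name="cifs" protocol="tcp" severity="4" pluginID="900001"
 pluginName="Constructed: SMB signing not required" pluginFamily="Misc."/>
<ReportItem port="22" svc_name="ssh" protocol="tcp" severity="2" pluginID="900002"
 pluginName="Constructed: weak SSH ciphers" pluginFamily="Misc."/>
<ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="900003"
 pluginName="Constructed: OS identification" pluginFamily="General"/>
</ReportHost>
<ReportHost name="192.0.2.11"><HostProperties/>
<ReportItem port="80" svc_name="www" protocol="tcp" severity="3" pluginID="900004"
 pluginName="Constructed: outdated web server" pluginFamily="Web Servers"/>
</ReportHost></Report></NessusClientData_v2>"""

def parse_findings(xml_text):
    """Flatten every ReportItem into a dict carrying its host and key attributes."""
    root = ET.fromstring(xml_text)
    findings = []
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            findings.append({
                "host": host.get("name"),
                "port": int(item.get("port")),
                "protocol": item.get("protocol"),
                "severity": int(item.get("severity")),
                "plugin_id": item.get("pluginID"),
                "plugin_name": item.get("pluginName"),
            })
    return findings

def severity_counts(findings):
    """Number of findings per severity label across all scanned hosts."""
    return Counter(SEVERITY[f["severity"]] for f in findings)

def prioritized(findings, min_severity=3):
    """Findings at or above min_severity (default High), most severe first."""
    hits = [f for f in findings if f["severity"] >= min_severity]
    return sorted(hits, key=lambda f: (-f["severity"], f["host"], f["port"]))

if __name__ == "__main__":
    fs = parse_findings(SAMPLE_NESSUS)
    print(dict(severity_counts(fs)))
    for f in prioritized(fs):
        print(SEVERITY[f["severity"]], f"{f['host']}:{f['port']}/{f['protocol']}", f["plugin_name"])
```

To use it on a real export, read the .nessus file and pass its contents to parse_findings instead of SAMPLE_NESSUS.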

Thanks for reading.


Can Özkan

Security Researcher, Penetration Tester, and Reverse Engineer