Nessus is a proprietary comprehensive vulnerability scanner which is developed by Tenable Network Security. It is free of charge for personal use in a non-enterprise environment.
According to surveys done by sectools.org, Nessus is the world’s most popular vulnerability scanner, taking first place in the 2000, 2003, and 2006 security tools surveys. Tenable Network Security estimates that it is used by over 75,000 organizations worldwide.
Nessus is a great tool designed to automate the testing and discovery of known security problems. Typically someone (a hacker group, a security company, or a researcher) discovers a specific way to violate the security of a software product.
One of the very powerful features of Nessus is its client-server technology. Servers can be placed at various strategic points on a network, allowing tests to be conducted from various points of view. A central client or multiple distributed clients can control all the servers. The server portion will run on almost any flavor of Unix. It even runs on Mac OS X and IBM AIX, but Linux tends to make the installation simpler. These features provide a great deal of flexibility for the penetration tester. Clients are available for both Windows and Unix. The Nessus server performs the actual testing while the client provides configuration and reporting functionality.
Nessus allows scans for the following types of vulnerabilities:
- Vulnerabilities that allow a remote hacker to control or access sensitive data on a system.
- Misconfiguration (e.g. open mail relay, missing patches, etc.).
- Default passwords, a few common passwords, and blank/absent passwords on some system accounts. Nessus can also call Hydra (an external tool) to launch a dictionary attack.
- Denials of service against the TCP/IP stack by using mangled packets.
- Preparation for PCI DSS audits.

On UNIX (including Mac OS X), Nessus consists of nessusd, the Nessus daemon, which does the scanning, and nessus, the client, which controls scans and presents the vulnerability results to the user.
Select the package that matches your computer and operating system.
sudo dpkg -i Nessus-5.2.1-debian6_amd64.deb
sudo /etc/init.d/nessusd start
Open a browser and navigate to https://127.0.0.1:8834
Select the “use at HOME” option (not the work option, as that’s commercial).
Enter your email to register for a plugins feed from Nessus.
Nessus will download the plugins (this takes some time).
Use the username and password you used to register for a Nessus Feed.
That’s it! Nessus is installed, registered, and has a live feed.
Start your first home scan. Before creating a new scan, we need to create a policy for the scan.
After creating the policy, create a new scan to scan your internal network.
Name = internal scan
Policy = Internal Scan
Targets = Your Internal home IP range.
e.g. 192.168.31.0/24 (/24 means all 254 hosts on your network)
Click the Run Scan button.
Leave it running until it gets to 100%.
Click the Results tab.
Select a host to see its individual results and the vulnerabilities found on it.
Select the vulnerability to get more detail
Export the results as a PDF.
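The Targets value from the scan setup above can be sanity-checked before it is pasted into Nessus. The following is an added example, not part of the original walkthrough or of Nessus itself: it confirms that each target lies inside RFC 1918 private address space and reports how many hosts it covers. The function names and the comma-separated input format are assumptions made for this illustration.

```python
import ipaddress

# RFC 1918 private ranges: the only address space a home scan should touch.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def usable_hosts(net):
    """Number of scannable host addresses in an IPv4 network."""
    if net.prefixlen >= 31:          # /31 and /32 have no network/broadcast pair
        return net.num_addresses
    return net.num_addresses - 2     # drop network and broadcast addresses


def check_target(target):
    """Return (normalized_network, host_count) or raise ValueError."""
    # strict=False accepts a host address with a mask, e.g. 192.168.31.5/24
    net = ipaddress.ip_network(target.strip(), strict=False)
    if net.version != 4:
        raise ValueError(f"{target}: only IPv4 is handled in this example")
    if not any(net.subnet_of(private) for private in RFC1918):
        raise ValueError(f"{target}: not inside RFC 1918 private space")
    return str(net), usable_hosts(net)


def check_targets(targets):
    """Validate a comma-separated target list (assumed format); return total hosts."""
    total = 0
    for item in targets.split(","):
        _, count = check_target(item)
        total += count
    return total


if __name__ == "__main__":
    # Constructed sample values, not taken from a real network.
    for sample in ("192.168.31.0/24", "192.168.31.5/24",
                   "192.168.31.10", "8.8.8.0/24", "192.168.0.0/15"):
        try:
            print(sample, "->", check_target(sample))
        except ValueError as err:
            print("REJECTED:", err)
```

A mistyped mask such as /15 instead of /24 is rejected because the resulting network extends beyond the private 192.168.0.0/16 block.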