Security

Getting Started with Nessus Scanner

Nessus Tenable is a Kali Linux open-source software common among penetration testers. It is used to provide a variety of security fixes.  You will frequently use this tool while working as a pen-tester to scan for potential vulnerabilities on a server/website.

Nessus scanner is a professional tool widely used by hackers and penetration testers. It assists one to perform high-speed asset discovery, target profiling, malware detection, and sensitive data discovery.

Tenable delivers updated plugins that provide the latest information to customers within 24 hours after a vulnerability has leaked.

Goal

At the end of this tutorial, you should be able to:

Download and install Kali Linux on your pc.
Understand the fundamentals and advantages of the Nessus scanner.
Install and download Nessus Tenable.
Understand the procedures for identifying and fixing vulnerabilities.

Advantages of Nessus Scanner

It helps developers identify vulnerabilities before attackers can exploit them.
It assists in finding misconfigurations like missing patches and mail-relay.
It improves the process of capturing data and predicting the impact of certain threats on a network.

If you do not have Kali Linux installed on your pc, do not worry, we will show you how to set it up quickly.

Step 1 - Installing Kali Linux

You can download Kali Linux from here

Downloading Vmware (virtual box)

After successfully downloading the Kali Linux ISO, you can now download the Vmware

Follow this tutorial to install the VMware.

After the installation, start Kali Linux and enter your username and password when prompted.

The default username is root and the password is toor.

Step 2 - Download Nessus Tenable

After downloading Nessus Tenable, use the following steps to install it on Kali-Linux:

Firstly, start the terminal by holding the cltr+alt+T buttons simultaneously, or by using the Graphical User Interface (GUI). Navigate to the application section and double-click on the terminal.

Next, run the command below on the terminal to update or upgrade your Kali Linux installation.

$ sudo apt-get upgrade && update -y

Now, let us change our directory to Downloads.

$ cd Downloads

Use the command below to list all files in Downloads, then copy the downloaded file name:

$ ls

Use the following command to download and install the package:

$ dpkg -i Nessus-10.0.2-ubuntu910_amd64.deb

dpkg

Start Nessus by typing the following into your terminal:

$ /bin/systemctl start nessusd.service

Navigate to https://kali:8843/ in your browser to start Nessus and configure your scanner.

The default port to run Nessus is 8834.

If you see a connection not secure page, click advance and accept risk then continue.

Congratulations! You have now installed Nessus on Kali-Linux. Wait for the necessary Nessus plugins to compile then click Nessus Essentials and the continue button after the compilation.

Step 3 - Activation

Provide your name and a valid email to receive an activation code.

Once your activation code has arrived in your email, go ahead and copy it. Paste the code into the activation box and click continue. Enter your username and password to log in.

Nessus will start the initialization process, which will take a couple of minutes.

Metasploitable

Step 4 - Using Metasploitable

We will use Metasploitable 2 as our vulnerable machine for scanning.

Metasploitable is an intentionally vulnerable virtual machine designed for training, exploit testing and general target practice.

Unlike other vulnerable virtual machines, Metasploitable focuses on vulnerabilities at the operating system and network services layers instead of custom, vulnerable applications.

Downloading Metasploitable

You can download Metasploitable from the official website.

Follow this tutorial to install Metasploitable into a virtual box.

After the installation completes, you can confirm it by opening the terminal in Kali Linux and typing the IP address of Metasploitable in your browser.

Note that whatever you learn in this tutorial is only for educational purposes.

Scanning

Navigate to Nessus in your browser tab. You will be directed to a blank screen since we have not made any scans yet.

Go ahead and click the new scan at the top right corner of the page.

In the scan template, you will find different options. We will focus on the Basic Network Scan and Advanced Scan.

In the free Nessus edition, we can scan up to 16 private addresses at a time.

Basic network scan

To begin, click on the basic network option. You will see the following tabs:

General - This is where you provide information about the target you want to scan.
Schedule - Once enabled, Nessus will run a scheduled scan on a machine at a given time.
Notification: This option is for the SMTP server.
Discovery: This will scan a specific port on the target machine.

Go ahead and type in the name of your target machine and description. We will provide Metasploitable's IP then click the save button.

New-Scan

After clicking the save button below, press the launch button on the next page to start the scanning process.

Once your scan is complete, double click on it, and you will see the scanned results with the identified vulnerabilities.

scan

Step 5

From the above results, the host has many vulnerabilities.

When you click the Bind Shell Backdoor Detection vulnerability, you will find the description and solution on how to fix this vulnerability.

Bind Shell Vuln

Nessus displays the severity, score, family, and count of all the vulnerabilities.

The dark red tab shows that the vulnerability is critical.
The red tab shows that the vulnerability is high.
The orange tab shows that the vulnerability is medium.
The yellow tab shows that the vulnerability is low.

Since our severity is categorized as critical and has a score of 9.8, we need to implement quick measures to prevent attackers from exploiting this vulnerability.