How to Use Nessus to Scan Your Network for Vulnerabilities
When it comes to network security, most of the tools for testing your network are pretty complex. Nessus is not new, but it definitely bucks this trend. It’s incredibly easy to use, works fast, and can give you a quick rundown of your network’s security with the click of a button.
If someone wanted to hack into your local network, the first thing they would do is run a vulnerability scan, followed by a penetration test. A vulnerability scan examines the various devices on your network and looks for potential holes such as open ports, outdated software with known vulnerabilities, or default passwords on devices. If the scan finds something, the hacker will test those vulnerabilities and then find a way to exploit them. Testing for these vulnerabilities is a two-step process because a scan only identifies the possibility of a problem, while a penetration test checks whether the problem can actually be exploited.
Nessus is commercial software for finding vulnerabilities, but the free home edition offers many tools to help you explore and harden your home network. It also points you to many different tools for follow-up penetration testing of the network if you want to know more. Here’s how to use it.
Step 1. Download and install Nessus
To download Nessus, you first need to register an online account so you can download the software and receive an activation code.
- Go to the Nessus home page, enter your name and email address, and then click the Register button. You will want to use a real email address here because Nessus will send you an activation code, which you will need later.
- Click the Download button, then download Nessus for your operating system. It is available for Windows, Mac and Linux.
- Once the download is complete, run the installation package and follow the onscreen instructions to complete the installation.
Nessus creates a local server on your computer and runs from there, so don’t be surprised if the installation process is a little different from what you’re used to.
Step 2. Set up your Nessus account and activation code
After installing Nessus, point your browser to https://localhost:8834/. Here we complete the registration process and activate your copy of Nessus.
- The first time you launch Nessus, you receive a “Your connection is not secure” warning from your browser. The warning appears because the local Nessus server uses a self-signed certificate. Click Advanced and then Proceed to localhost to bypass this warning.
- Create an account on the Account Setup screen, leave the registration set to “Home, Professional, or Manager”, and then enter the activation code from your email. Click Continue.
Nessus will then download a series of tools and plugins to properly scan your network with the updated utilities. This can take a few minutes, so grab a cup of coffee and sit back.
Step 3. Start scanning for vulnerabilities
It’s time to really test your network. This is the fun part. Nessus can actually scan for quite a few different problems, but most of us will be happy with the basic network scan because it offers a good overview.
- Click New Scan.
- Click Basic Network Scan.
- Name your scan and add a description.
- In the Targets field, you will want to enter the IP range of your home network. For example, if your router has an address of 192.168.0.1, you must enter 192.168.0.1/24. This will force Nessus to scan all devices on your network (unless you have a ton of devices, this range is probably as large as you need). If you’re not sure about your router’s local IP address, here’s how to find it.
- Click “Save”.
- On the next screen, click the Play icon to start scanning.
Depending on what and how many devices you have on your network, the scan will take a while, so sit back and relax while Nessus does its job.
Besides the basic network scan, you can also run an advanced scan, which includes more options to narrow your search; a Badlock detection scan, which detects a security issue with Samba; a Shellshock scan, which looks for vulnerabilities on older Linux or Mac machines; a DROWN scan, which looks for computers that host sites susceptible to DROWN attacks; and several other more thorough scans. Most of these problems will also be detected by a basic network scan, but if you are doing anything other than maintaining a normal home network, such as running a private server that is accessible from the Internet, you need to double-check that everything is up to date using the more specific scan modes. For the rest of us, the basic network scan is fine.
Step 4. Review the results
After Nessus has finished running, you will see a set of colored graphs for each device (called a host) on your network. Each color in the graph represents the severity of a vulnerability, from low to critical.
Your results should include all devices on your local network, from your router to your Wi-Fi enabled printer. Click a graph to view more information about the vulnerabilities on that device. Vulnerabilities are listed as “plugins”, which is just Nessus’ way of detecting vulnerabilities. Click on any plugin for more information on the vulnerability, including white papers, press releases, or patch notes for potential fixes. You can also click the Vulnerabilities tab to see an overview of all potential vulnerabilities in the network as a whole.
Take a second to click the link for each vulnerability, and then read how a hacker could exploit it. For example, I have an old Apple TV with ancient firmware installed because it has never been used. The Nessus scanner found it and flagged it as a “high” priority vulnerability, then pointed to Apple’s security updates page for more information. This lets me know that a hacker might be using the Apple TV firmware by setting up a fake hotspot. The Vulnerabilities page also contains a helpful list of what software is needed to penetrate and crack this vulnerability. For example, Nessus lists Metasploit as the toolkit needed to exploit this vulnerability, and with this knowledge, you can search Google for instructions on how to exploit this vulnerability.
There is a chance that some of these vulnerabilities will be a little obvious. For example, Nessus detects any device still using the default password and indicates when a computer or device has outdated firmware. Most of the time, however, you probably won’t understand what the hell you are looking at in these results.
Step 5. What to do next
Nessus gives you all this data, but what exactly should you do with it? It depends on what vulnerabilities Nessus detects.
After scanning is complete, click the Remediations tab. This is where you find the biggest potential security holes in your network. In my case, along with the Apple TV, this includes an ancient version of Adobe AIR installed on my laptop, an old version of Firefox, a Raspberry Pi with an old version of Apache, and a few others. All these problems can be easily fixed by updating or uninstalling old software. You might think that you are vigilant about updating your software, but so do I, and yet I still had a lot of weird old software that I never use sitting around creating potential entry points for a hacker. Your mileage will of course vary here, but regardless of your results, Nessus provides the information you need to close any holes.
While this all may sound a little intimidating, it’s worth noting that while Nessus shows you many potential ways into a network, it is not a foolproof guide. Aside from having to be on your network in the first place (which is of course not that difficult), an attacker would also need to know how to actually use the various exploitation tools Nessus lists.
While an exploit on my Apple TV could potentially give someone access to the device, that doesn’t necessarily mean they can do whatever they want when they get there. However, for an end user just trying to harden the network, Nessus is a great starting point for finding the most obvious vulnerabilities that could make you an easy target, or simply for exploring your home network. With very little Googling, Nessus will lead you to tons of different hacking tools and a wide range of software, so dig in and find out as much as possible.
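
The results triage from Steps 4 and 5, as an added example that is not part of the original article: it assumes the scan results were exported in Nessus's `.nessus` XML format (an export step the article does not cover) and sorts the findings so you know what to patch first. The sample report, hosts, plugin IDs and plugin names are constructed.

```python
import xml.etree.ElementTree as ET

# Severity codes used in the .nessus (NessusClientData_v2) export.
SEVERITY = {0: "info", 1: "low", 2: "medium", 3: "high", 4: "critical"}

# Constructed sample export: hosts, plugin IDs and plugin names are made up.
SAMPLE = """<NessusClientData_v2><Report name="Home network">
<ReportHost name="192.168.0.1">
 <ReportItem port="80" severity="2" pluginID="900001" pluginName="Constructed: default admin password">
  <solution>Set a unique admin password.</solution></ReportItem>
 <ReportItem port="0" severity="0" pluginID="900002" pluginName="Constructed: host detected"/>
</ReportHost>
<ReportHost name="192.168.0.23">
 <ReportItem port="0" severity="3" pluginID="900003" pluginName="Constructed: outdated firmware">
  <exploit_available>true</exploit_available>
  <solution>Install the current firmware.</solution></ReportItem>
 <ReportItem port="80" severity="4" pluginID="900004" pluginName="Constructed: outdated web server">
  <solution>Upgrade the web server package.</solution></ReportItem>
</ReportHost>
</Report></NessusClientData_v2>"""

def triage(xml_text, min_severity=2):
    """Findings at or above min_severity, worst first; known-exploitable wins ties."""
    findings = []
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            rank = int(item.get("severity", "0"))
            if rank < min_severity:
                continue  # skip informational and low-severity noise
            findings.append({
                "host": host.get("name"), "port": int(item.get("port", "0")),
                "rank": rank, "severity": SEVERITY.get(rank, "unknown"),
                "exploitable": item.findtext("exploit_available", "false") == "true",
                "plugin": item.get("pluginName"),
                "fix": (item.findtext("solution") or "").strip()})
    findings.sort(key=lambda f: (-f["rank"], not f["exploitable"], f["host"], f["port"]))
    return findings

def worst_per_host(findings):
    """Map each host to its most severe finding (input is already sorted worst first)."""
    worst = {}
    for f in findings:
        worst.setdefault(f["host"], f["severity"])
    return worst

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f'{f["severity"]:8} {f["host"]}:{f["port"]} {f["plugin"]} -> {f["fix"]}')
```

To run it on a real export, read the file's contents and pass the text to `triage()` in place of `SAMPLE`.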