Dashboard
Courses
Logout

NAME

Course Overview

/

Using Nessus

Using Nessus

Using Nessus



By understandinghow to use Nessus, you will be able to quickly and effectivelyidentify vulnerabilities that exist across a network.



TheNessus interface provides a user-friendly environment for managingand conducting vulnerability scans. Understanding the varioussections and features of the interface will help you make the most ofthe tool. Here are the key components to navigate:

Dashboard:The Dashboard provides an overview of the current status of yourscans, recent scan activity, and critical vulnerabilities. It offersa snapshot of your network's security posture.

Scans:The Scans section allows you to manage and create new scans. You canview the status of ongoing and completed scans, as well as accessscan reports. This section is where you'll spend most of your timewhen working with Nessus.

Policies:Nessus uses policies to define the parameters and rules for eachscan. In the Policies section, you can create, edit, and manage scanpolicies based on your specific needs. It is essential to understandand configure policies properly to tailor the scans to yourenvironment.

To use Nessus youwill need to create a new scan.  Simple select the “New Scan”option



This provides arange of different scan templates.  Different scans have some subtledifferences.



The most commonscan you are likely to use is the Basic Network Scan, or the AdvancedScan (where you will have control of the types of actions a scan willexecute – many pentesters may create a scan template by modifyingthe advanced scan to the specific requirements they need for aclient).

This documentwill explore the Basic Network Scan.  When choosing a scan you willsee a screen like the following





All Nessus scantemplates have multiple headings and subheadings here providing inputscreens but they are not all required to be able to launch a scan(These headings do not change from one scan to the next but thedefault options and settings will).  Most of them are used to modifya scan to your specific requirements if you choose to.  Abreakdown of these screens for a basic scan are as follows:

  • Basic
  • General – You are required to put the name and the targets of your scan here. You can choose to add a description and have the scan go to a folder if you would like
  • Schedule – You are able to set a start time for your Nessus scan here
  • Notifications – If you configure it with an SMTP server, you are able to have Nessus email when a scan is completed and send the report
  • Discovery
  • Define what ports will be scanned.  Common, all ports, or a custom list
  • Assessment
  • Define the level of testing that will occur should a web application be identified.
  • Report
  • Select how the data will be presented to you.  Should hosts be identified by IP or hostname, should all missing patches be included or should some be hidden if they are superseded by another patch etc.
  • Advanced
  • Configure the settings of how the scan will be executed.  This includes number of concurrent hosts being scanned, maximum timeout, maximum simultaneous checks etc.



To launch a scanthe only required fields are Name, and Targets.  The name can beanything you choose it to be e.g. (Nessus 1st scan,home-wifi, client-network, etc.)  The targets section supportsdifferent ways of providing the devices to be scanned

  • IP ranges
  • 192.168.1.10-192.168.10.100
  • Network ranges
  • 192.168.1.0/24
  • Hostnames
  • www.google.com
  • Target list
  • A file with IP addresses, network ranges, or hostnames each separated by a new line