This is a short nessus tutorial to help you get to grips with nessus. Nessus is a vulnerability scanner. Nessus can scan your assets for network security vulnerabilities. Nessus allows you to be proactive in securing your base so that all your base belongs to you :D
Nessus tutorial quick links:
You can download Nessus from nessus.org. Nessus installs on windows and Linux and osx.
If you have already installed nessus, then you can keep it updated by running:
if nessus needs a ‘core upgrade’ then you can run
service nessusd stop /opt/nessus/sbin/nessuscli update
Once you install Nessus you need to activate a ‘feed’ before you can use it. The feed will keep your Nessus plugins up-to-date with the latest security issues.
There are two options for this:
The professional feed will give you access to lots of nice plugins. The home feed will give you lots of plugins, but not quite as many as the pro feed does. You need to pick one. Once you register Nessus will send you an email with an activation code in it and instructions on how to activate your feed. Once activated Nessus will take a while to load on first run. This is normal.
When you have Nessus up and running you will want to scan something. This is a Nessus tutorial after all, so ill begin:
Nessus splits its web front end into 4 sections:
Reports, Scans, Policies and Users
Reports are just that – this section contains the reports from all the past scans that you have run against a target or a set of targets.
Scans are where you configure the settings to run a new scan (eg running an XSS check against your own website)
Policies are where you configure the things that you would like to run during the scans configured above. eg you could make a policy for ‘pci compliance’ and another for ‘front end XSS checks’
Users give the system some permission control over which policies users can run.
The policy section uses plugins. One for each type of test. There are lots and lots of plugins and lots and lots of settings to choose from, but ill give you a basic set to get you started.
You now need to set some things for your policy
All the options and setting descriptions are available in the Nessus user manual [page 11]
By default Nessus loads all plugins. The next thing you want to do is
Each of the plugins in Nessus comes with a description, so if you don’t know what it is, just select it and read the description
The next step is to click ‘Preferences’ on the right.
Hit ‘submit’ to save all the settings.
Once you have configured a policy it is then available to users with sufficient permissions to use as ‘parameters’ for a scan. Once you have set up the policies correctly then you don’t need to set them up every time!!!
I’m not going to explain what these are, there is lots of information available, and if you do know what they are then good =)
Once you have a policy in place you can initiate a scan:
Wait for the scan to complete and then go to the reports tab to view the results =)
I’ve found a few good nessus tutorial that explain to you how the parameters work and how to start scanning your sites for different vulnerabilities
http://www.symantec.com/connect/articles/introduction-nessus has some good info; though a bit outdated
There is, of course http://www.nessus.org/documentation/ which has lots of info
Hopefully this nessus tutorial for beginners sets you on the path to finding and patching vulnerabilities in your assets and provides a high-level security view over your machines – You might want to check my metasploit beginners tutorial