Lab 10
Scanning a Network Using the NessusTool
Nessus allows you to remotely audit a netirork and determine if it has been broken into or misused in some n ׳ay. It also provides the ability to locally audit a specific machine for vulnerabilities
Lab Scenario
in the previous lab, you learned to use Friendly Pinger to monitor network devices, receive server notification, ping information, track user access via the network, view grapliical traceroutes, etc. Once attackers have the information related to network devices, they can use it as an entry point to a network for a
comprehensive attack and perform many types of attacks ranging from DoS attacks to unauthorized administrative access. If attackers are able to get traceroute information, they might use a methodology such as firewalking to determine the services that are allowed through a firewall.
If an attacker gains physical access to a switch onother network device, he or she will be able to successfiUly install a rogue network device; therefore, as an administrator, you should disable unused ports in the configuration of the device. Also, it is very important that you use some methodologies to detect such rogue devices on the network. As an expert ethical hacker and penetration te ster, you must understand how vulnerabilities, compliance specifications, and content policy violations are scanned using the Nessus rool.
Lab Objectives
This lab will give you experience on scanning the network for vulnerabilities, and show you how to use Nessus. It will teach you how to:
■ Use the Nessus tool
■ Scan the network for vulnerabilities
Lab Environment
To cany out die lab, you need:
■ Nessus, located at D:\CEH-Tools\CEHv8 Module 03 Scanning NetworksWulnerability Scanning Tools\Nessus
■ You can also download the latest version of Nessus from the link http: / / www. tenable. c om / products/nessus/nessus-downloadagreement
■ If you decide to download the la te st version, then screenshots shown in the lab might differ
■ A computer running Windows Server 2012
■ A web browser with Internet access
■ Administrative privileges to run the Nessus tool
Lab Duration
Time: 20 Minutes
Overview o f Nessus Tool
Nessus helps students to learn, understand, and determine vulnerabilities and
weaknesses of a system and network in order to know how a system can be
exploited. Network vulnerabilities can be network topology and OS
vulnerabilities, open ports and running services, application and service
configuration errors, and application and service vulnerabilities.
Lab Tasks
1. To install Nessus navigate to D:\CEH-Tools\CEHv8 Module 03
Scanning NetworksWulnerability Scanning Tools\Nessus
2. Double-click the Nessus-5.0.1-x86_64.msi file.
3. The Open File - Security Warning window appears; click Run
 |
| FIGURE 10.1: Open File ־ Security Warning |
 |
| FIGURE 10.2: The Nessus installation window |
6. Select the radio button to accept the license agreement and click Next.
 |
| FIGURE 10.3: Hie Nessus Install Shield Wizard |
7. Select a destination folder and click Next.
 |
| FIGURE 10.4: Tlie Nessus Install Shield Wizard |
 |
| FIGURE 10.5: The Nessus Install Shield Wizard for Setup Type |
 |
| FIGURE 10.6: Nessus InstallShield Wizard |
 |
| FIGURE 10.7: Nessus Install Shield wizard |
■ The major directories of Nessus are shown in the following table.
 |
| TABLE 10.1: Nessus Major Directories |
11. After installation Nessus opens in your default browser.
12. The Welcome to Nessus screen appears, click die here link to connect via SSL
 |
| FIGURE 10.8: Nessus SSL certification |
 |
| FIGURE 10.9: Internet Explorer Security Alert |
14. Click the Continue to this website (not recommended) link to continue
 |
| FIGURE 10.10: Internet Explorer website’s security certificate |
15. on OK in the Security Alert pop-up, if it appears
 |
| FIGURE 10.11: Internet Explorer Security Alert |
16. Tlie Thank you for installing Nessus screen appears. Click the Get Started > button.
 |
| FIGURE 10.11: Nessus Getting Started |
17. in Initial Account Setup enter the credentials given at the time of registration and click Next >
 |
| FIGURE 10.12: Nessus Initial Account Setup |
18. 111 Plugin Feed Registration, you need to enter die activation code. To obtain activation code, click the http://www.nessus.org/register/ link.
19. Click the Using Nessus at Home icon in Obtain an Activation Code
 |
| FIGURE 10.13: Nessus Obtaining Activation Code |
20. 111 Nessus for Home accept the agreement by clicking the Agree button as shown in the following figure.
 |
| FIGURE 10.14: Nessus Subscription Agreement |
21. Fill in the Register a HomeFeed section to obtain an activation code and click Register.
 |
| FIGURE 10.15: Nessus Registering HomeFeed |
 |
| FIGURE 10.16: Nessus Registration Completed |
 |
| FIGURE 10.17: Nessus Registration mail |
24. Now enter the activation code received to your email ID and click Next.
 |
| FIGURE 10.18: Nessus Applying Activation Code |
 |
| FIGURE 10.19: Nessus Registering Activation Code |
 |
| FIGURE 10.20: Nessus Downloading Plugins |
 |
| FIGURE 10.21: Nessus fetching tlie newest plugin set |
 |
| FIGURE 10.22: The Nessus Log In screen |
29. The Nessus HomeFeed window appears. Click OK.
 |
| FIGURE 10.23: Nessus HomeFeed subscription |
 |
| FIGURE 10.24: The Nessus main screen |
 |
| FIGURE 10.25: The Nessus administrator view |
 |
| FIGURE 10.26: Adding Policies |
33. To configure die credentials of new policy, click die Credentials tab shown in the left pane o f Add Policy
 |
| FIGURE 10.27: Adding Policies and setting Credentials |
34. To select the required plugins, click the Plugins tab in the left pane of Add Policy.
 |
| FIGURE 10.28: Adding Policies and selecting Plugins |
35. To configure preferences, click the Preferences tab in the left pane of Add Policy.
36. In the Plugin field, select Database settings from the drop-down list
37. Enter the Login details given at die time o f registration.
38. Giver the Database SID: 4587, Database port to use: 124, and select, and select Oracle auth type: SYSDBA.
39. Click Submit.
 |
| FIGURE 10.29: Adding Policies and setting Preferences |
 |
| FIGURE 10.30: The NetworkScan Policy |
42. Input the field Name, Type, Policy, and Scan Target
43. 111 Scan Targets, enter die IP address o f your network; here in this lab we are scanning 10.0.0.2.
44. Click Launch Scan at die bottom-right of the window.
Note: The IP addresses may differ in your lab environment
 |
| FIGURE 10.31: Add Scan |
 |
| FIGURE 10.32: Scanning in progress |
46. After the scan is complete, click the Reports tab
 |
| FIGURE 10.33: Nessus Reports tab |
47. Double-click Local Network to view the detailed scan report
 |
| FIGURE 10.34: Report o f the scanned target |
48. Double-click any result to display a more detailed synopsis, description, security level, and solution.
 |
| FIGURE 10.35: Report o f a scanned target |
50. You can download available reports with a .n e ssu s extension from the drop-down list.
 |
| FIGURE 10.36: Download Report with .nessus extension |
52. 111 the Nessus Server Manager, click Stop N e ssu s Server.
 |
| FIGURE 10.37: Log out Nessus |
Document all die results and reports gadiered during die lab.
Questions
1. Evaluate the OS platforms that Nessus has builds for. Evaluate whether Nessus works with the security center.
2. Determine how the Nessus license works in a VM (Virtual Machine) environment.
Không có nhận xét nào:
Đăng nhận xét