Ethical Hacking and Penetration Testing Guide


Nessus Vulnerability Scanner



The Nessus vulnerability scanner is often called the Swiss army knife of vulnerability scanners.
As you might have noticed, the Nmap scripting engine has a limited number of scripts and is capable
of detecting only a few vulnerabilities, which is why you cannot rely completely on Nmap for
vulnerability assessment.
The most common approach used by Nessus is to look at the banners/version headers, which
most of the time reveal interesting information about the target, such as the version of the
service that is running.
As you can see here, I have connected to a website's FTP server on port 21. From the banner,
we can see that it is running Pure-FTPd. However, it does not show the exact version of
Pure-FTPd. Also, the banner information can easily be changed or faked. This may cause Nessus to
generate a false positive.
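To illustrate the point about banners, here is an added example (not from the book and not Nessus's own code) of a simplified banner-only version check. The function names, the sample banners and the "fixed in" versions are all constructed for illustration.

```python
import re

# Product token, optionally followed by a dotted version (e.g. "ProFTPD 1.3.5").
BANNER_RE = re.compile(
    r"(?P<product>Pure-FTPd|ProFTPD|vsFTPd)(?:[ /](?P<version>\d+(?:\.\d+)+))?",
    re.IGNORECASE,
)

# Constructed sample banners; the address is from a documentation range.
SAMPLE_BANNERS = [
    "220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------",
    "220 ProFTPD 1.3.5 Server (Debian) [::ffff:192.0.2.10]",
    "220 (vsFTPd 3.0.3)",
    "220 FTP server ready.",
]

# Constructed "fixed in" versions, NOT real advisory data.
FIXED_IN = {"pure-ftpd": (1, 0, 50), "proftpd": (1, 3, 6), "vsftpd": (3, 0, 3)}


def parse_banner(banner):
    """Return (product, version tuple or None); (None, None) if unrecognised."""
    match = BANNER_RE.search(banner)
    if not match:
        return None, None
    version = match.group("version")
    parsed = tuple(int(part) for part in version.split(".")) if version else None
    return match.group("product").lower(), parsed


def assess(banner, fixed_in=FIXED_IN):
    """Rate what a banner-only version check can actually claim."""
    product, version = parse_banner(banner)
    if product not in fixed_in:
        return "unknown-service"
    if version is None:
        # Product disclosed, version hidden: any version-based finding is a guess.
        return "inconclusive"
    # The banner is self-reported and editable, so both outcomes below still
    # need confirmation (authenticated scan, package inventory) before reporting.
    return "potential" if version < fixed_in[product] else "reported-fixed"


if __name__ == "__main__":
    for line in SAMPLE_BANNERS:
        print(f"{assess(line):16} {line}")
```

The Pure-FTPd banner lands in "inconclusive" because it names the product but not the version, which is exactly the case where a banner-driven finding is most likely to be a false positive.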
Nessus comes in two flavors:
1. Home feed
2. Professional feed


Home Feed
Home feed is for personal use, and it contains information about everything from a vulnerability 
scanning perspective.
Professional Feed
Professional feed is for commercial use, mostly related to compliance checks and auditing
purposes. This scanner is not available for free.
Installing Nessus on BackTrack
Nessus comes preloaded in BackTrack. However, for Nessus to work, we need an activation
code, which can be obtained by signing up on the Nessus website. The code lets us fetch
the latest plug-ins from the Nessus website.
http://www.tenable.com/products/nessus/nessus-plugins/obtain-an-activation-code
Next, you will have an option to choose “work feed” or “home feed.” Choose home feed and 
provide the e-mail address to which you want the activation code to be delivered.
Once you receive the code, you can issue the following command from your BackTrack console
to register it, replacing <activation-code> with the code you received:

/opt/nessus/bin/nessus-fetch --register <activation-code>
Adding a User
After we have successfully updated the plug-ins, we need to register a user with Nessus. The
command for that is as follows:

/opt/nessus/sbin/nessus-adduser
This will ask you for a username and a password; it will also ask you if you want to assign
administrative privileges to that particular user. The output would look similar to the following:


Finally, you need to issue the following command to start the Nessus server, which
will then be accessible at https://localhost:8834.

/etc/init.d/nessusd start
You can confirm whether the Nessus server is running by combining the netstat and grep commands. The
following command shows whether a Nessus server is listening on port 8834:

netstat -ano | grep 8834
Once you have completed these steps, you need to navigate to https://localhost:8834 from
your browser. Since you are accessing it for the first time, you will be prompted to accept a generic
certificate, which you need not do on subsequent visits.
Next, you just need to log in to Nessus with the credentials you defined earlier. This is what your
log-in screen would look like:
