Penetration Testing with Kali Linux OffSec
|
|
Figure 41: Downloading Nessus Plugins
After the plugins are downloaded and installed, we have a working instance of Nessus Essentials. 7.2.2 Nessus Components Before we start our first vulnerability scan with Nessus, we’ll take some time to get familiar with the core components. When we log in for the first time, we find a welcome window that allows us to enter targets. We can close it without entering anything for now. First, let’s investigate the tabs in the Nessus dashboard. In the Essentials version of Nessus, we have two tabs called Scans and Settings . Figure 42: Exploring Nessus Settings The Settings tab allows us to configure the application. For example, we can enter information for a SMTP server 308 to get scan results via email. The advanced menu allows us to configure global settings ranging from user interface, scan and log behavior, to security and performance related options. As shown in Figure 42, the About menu lists basic information for Nessus, our license, and how many hosts we have left. For further information on how we can customize and configure Nessus, we can consult the Nessus documentation. 309 Next, let’s examine policies and templates, we’ll click on the Scan tab then on Policies . A policy is a set of predefined configuration options in the context of a Nessus scan. When we save a policy, we can use it as a template for a new scan. Let’s now click on Scan Templates . Nessus already provides a broad variety of scanning templates for us to use. 310 These templates are grouped into the three categories Discovery , Vulnerabilities , and Compliance . 308 (Wikipedia, 2022), https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol 309 (Tenable Docs, 2022), https://docs.tenable.com/nessus/Content/Settings.htm 310 (Tenable Documentation, 2022), https://docs.tenable.com/nessus/Content/ScanAndPolicyTemplates.htm Penetration Testing with Kali Linux PWK - Copyright © 2023 OffSec Services Limited. All rights reserved. 174 Figure 43: Nessus Policy Templates The Compliance category is only available in the enterprise version as well as the Mobile Device Scan template. The only template in the Discovery category is Host Discovery , which can be used to create a list of live hosts and their open ports. The Vulnerabilities category consists of templates for critical vulnerabilities or vulnerability groups e.g. PrintNightmare 311 or Zerologon 312 as well as templates for common scanning areas e.g. Web Application Tests or Malware Scans . Nessus also provides three general vulnerability scanning templates: 1. The Basic Network Scan performs a full scan with the majority of settings predefined. It will detect a broad variety of vulnerabilities and is therefore the recommended scanning template by Nessus. We also have the option to customize these settings and recommendations. 2. The Advanced Scan is a template without any predefined settings. We can use this when we want to fully customize our vulnerability scan or if we have specific needs. 3. The last general scanning template, Advanced Dynamic Scan , also comes without any predefined settings or recommendations. The biggest difference between the two templates is that in the Advanced Dynamic Scan, we don’t need to select plugins manually. The template allows us to configure a Yüklə Dostları ilə paylaş:
|