Penetration Testing with Kali Linux OffSec
|
|
Custom
. After we click on Custom , additional configuration menus appear under the DISCOVERY menu. We can now customize the Basic Network Scan template the same way as the Advanced Scan template in the context of the DISCOVERY menu. Within the Port Scanning section, we will set the Port scan range to “80,443”. Additionally, we’ll enable the option Consider unscanned ports as closed so that Nessus treats other ports as closed, since we are only interested in ports 80 and 443. Penetration Testing with Kali Linux PWK - Copyright © 2023 OffSec Services Limited. All rights reserved. 178 Figure 49: Specifying Ports 80 and 443 In this demonstration, we’ve customized the Basic Network Scan template to only scan two specific TCP ports. But even in the default settings of this template, Nessus does not scan UDP ports. If we want to activate UDP port scanning, we need to manually configure it. We may miss crucial information on UDP services when it’s disabled during assessments, but we need to understand that activating UDP port scanning will vastly increase the scan duration. Due to the nature of UDP, it is not often possible to tell the difference between an open and a filtered port. To save time and scan the targets more quietly, we will turn off Host Discovery because we know the hosts are available. We do this by navigating to Discovery > Host Discovery where we toggle Ping the remote host to Off . Penetration Testing with Kali Linux PWK - Copyright © 2023 OffSec Services Limited. All rights reserved. 179 Figure 50: Disable Host Ping in Discovery Settings During the configuration of the scan definition, we did not configure any credentials, which implies that this scan will run unauthenticated. We also didn’t change the default settings of the ASSESSMENT menu in the Basic Network Scan template. This means the brute forcing of user credentials will not be done. Even though brute forcing is disabled, our scan creates a lot of network traffic and because we’re scanning multiple hosts, will be highly noticeable. Now that we have a basic understanding of how we can customize templates to fit our needs, we can launch our first scan. We can do this by clicking on the arrow next to Save and selecting Launch . Figure 51: Launching the Scan Initially, the scan will have a status of Running in the Nessus dashboard under My Scans . Penetration Testing with Kali Linux PWK - Copyright © 2023 OffSec Services Limited. All rights reserved. 180 Figure 52: Running Scan in the Nessus Dashboard Figure 52 shows the running scan and provides the options to stop or pause it. Once the scan is finished, the status will change to Completed . Figure 53: Completed Scan in the Nessus Dashboard This concludes our first vulnerability scan with Nessus. In the next Learning Unit, we’ll examine the results of the scan. 7.2.4 Analyzing the Results In this section we will analyze the results of our first vulnerability scan. Due to the continuous updates of Nessus and its plugins, the scan results can differ slightly. We can click on the scan in the My Scans list to get to the results dashboard. Yüklə Dostları ilə paylaş:
|