Vulnerability Assessment with Nessus Free Version: Hands-on Practices
Vulnerability management is the practice of staying aware of known vulnerabilities in an environment and then resolving or mitigating them to improve the environment’s overall security posture. To manage your vulnerabilities, you must first discover and assess them. A powerful tool for discovering and assessing vulnerabilities is Tenable Nessus. While it has a paid Pro version, it also has a free version, Nessus Essentials, which has many features.
Building Our Lab
Our lab environment will be deployed in VMware. You can download the latest VMware Workstation version and use it free for one month.
We will deploy Nessus Essentials on the Win7 machine. You can use Windows 10 instead if your PC or laptop has enough RAM.
The famous Metasploitable-2 will be our server and Linux machine.
Our client machine will be Windows XP, but you can use Win7 or Windows 10 if you have enough RAM.
Using XP, Metasploitable, and Win7, you can create your lab even if you have 4 GB of RAM.
Our Nessus machine, server, and client are on the same VLAN. In a real-life scenario, they will most probably be in different VLANs. If there is a firewall between them, you must permit the Nessus machine with an “any” rule if you want proper output; otherwise the firewall filters the scanner's probes and the results are incomplete.
You can watch this free course for building a home lab with VMware.
https://www.udemy.com/course/vmware-vsphere-home-lab/learn/lecture/9511404?start=0#overview
Deploying Nessus Home
You can download Nessus Essentials from here.
After filling out the application form, you will receive an activation email with an activation code.
The download process will take a while. Don’t worry.
By clicking the new scan button you can start your first scan.
First, let’s discover assets on our network. In our lab scenario, you can discover our VMnet machines: Metasploitable and XP. But if you choose “bridge mode” in the VMware settings menu of the Win7 Nessus machine, you can discover all assets on your home network, even your mobile phone and tablets, or your naughty neighbors who use your wifi network :)
After editing the configuration menu settings, you can click the launch button.
Advanced Scan for Your Newly Discovered Assets
We have discovered assets on our network. Now we can go further and scan them deeply. Choose advanced scan from the scan menu, then enter the IP addresses of your XP and Linux assets in the target menu.
If you want deeper results for your target machine, you must enter credentials for your target assets.
By clicking the “report” button, we can generate our scan report.
Check Apache Log4j Remote Code Execution Vulnerability with Nessus
Creating Scan Policy: Apache Log4j Remote Code Execution Vulnerability Scan Policy
Scan policies let you save a set of scan settings and reuse it every time you scan your targets. For example, you can create a scan policy that scans only for the “Apache Log4j Remote Code Execution Vulnerability”.
Then enable the plugins you want to scan with.