Vulnerability Assessments with Nessus 3
Columbia Area LUG, January 10 2007
2007 Chuck Fullerton

Module Objectives
- Learn how to install and configure Nessus 3
- Learn how to run a "vanilla" scan
- Learn how to customize your scan for more effective results
- Learn how to interpret and save the reports

Introduction to Nessus
- Created by Renaud Deraison
- Currently maintained by Tenable Network Security
- Uses the NASL scripting language for its plugins (currently over 13,000 plugins!)
- Price is still free!
- Register to obtain many plugins (7 day delay), or purchase a Direct Feed for the latest and greatest, plus compliance checks!

Nessus Features
- Client/server architecture
- SSL/PKI supported
- Smart service recognition (e.g. FTP on 31337)
- Non-destructive or thorough tests
- Vulnerability mapping to CVE, Bugtraq, and others
- Vulnerability scoring using CVSS from NIST

Nessus Features (continued)
- Tons of plugins:
  - Port scanning
  - Vulnerability checks
  - Patch audit checks
  - Local server checks
  - Compliance checks
  - SCADA checks
  - Custom checks (write your own)

Nessus Architecture
- Nessus uses a client/server architecture
- Server runs on Linux
- Clients available for Linux and Windows
- Nessus 3 for Windows now available!
- Clients connect to the server on TCP/UDP port 1241 by default

Ported Operating Systems
Nessus has been ported to the following OS's:
- Red Hat ES 3 & 4 **
- Fedora 5 & 6
- Debian 3
- FreeBSD 4, 5, & 6
- SUSE 9 & 10
- Solaris 9 & 10
- Windows 2003, XP (and soon Vista) **
** Officially supported by Tenable Network Security
Install Process
1. Uninstall any old versions of Nessus
2. Download RPMs, Debs, or whatever your system uses (current GA version is 3.0.4)
3. Prepare the system for install
4. Install Nessus 3
5. Make the crypto certificate
6. Add users
7. Scan away!

Preparing the System
- Ensure your host firewall allows connections to TCP/UDP port 1241
- Ensure you have updated versions of GTK and OpenSSL
- Ensure your system date is accurate
- Ensure your Internet connection is available (for updates)

Installing Nessus
    rpm -ivh nessusfilename
    /opt/nessus/sbin/add-first-user
- Used mainly with other Tenable products.
    service nessusd start

Updating to the Latest Plugins
    /opt/nessus/sbin/nessus-update-plugins
Licensing:
- Non-registered: only the GNU plugins that come with the program
- Registered (delayed 7 days): will give you the newer plugins made available by Tenable
- Direct Feed (fee, 1200/year): will give you advanced plugins, including compliance checks, SCADA checks and others
The Nessus Clients
- Linux client
- Windows client

Logging in to the Server

Linux Client

Client Plugins Tab

Client Scan Preferences
Preparing for your First Scan
- Nessus can cause problems in the target network
- Ensure your client provides explicit permission before the start of scanning
- Risks:
  - DoS
  - Missing information
  - Printer issues if not configured correctly

Creating a new Scan

Reviewing the Data

Saving the Report

Reporting Options
Many different reporting options:
- NBE (standard Nessus format)
- HTML
- XML
- HTML with pies and graphs
- PDF
- SQL (Windows client only)

Interpreting Nessus Reports
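As an added example (not from these slides, and not Tenable's own code), the following Python reads a report saved in the NBE format listed under Reporting Options, keeps the per-host findings, ranks hosts by their worst severity, and pulls out any CVE ids so the CVE mapping mentioned under Nessus Features can be followed up. It assumes the pipe-delimited NBE field layout noted in the comments; the sample lines, plugin ids and the CVE id are constructed placeholders.

```python
"""Parse Nessus NBE report lines and summarise them per host and severity."""
import re
from collections import Counter, defaultdict

# Constructed sample report, not output from a real scan. Assumed NBE layout:
# results|subnet|host|service (port/proto)|plugin id|severity|description,
# where "\n" inside the description is a literal two-character escape.
SAMPLE_NBE = r"""timestamps|||scan_start|Wed Jan 10 19:00:00 2007|
timestamps||192.168.1.5|host_start|Wed Jan 10 19:00:02 2007|
results|192.168.1|192.168.1.5|ssh (22/tcp)
results|192.168.1|192.168.1.5|ssh (22/tcp)|10001|Security Note|SSH protocol versions supported : 1.99, 2.0\n
results|192.168.1|192.168.1.5|http (80/tcp)|10002|Security Hole|Outdated web server.\nCVE : CVE-2007-0000\nRisk factor : High\n
results|192.168.1|192.168.1.7|ftp (31337/tcp)|10003|Security Warning|Anonymous FTP enabled on a non-standard port.\n
timestamps||192.168.1.5|host_end|Wed Jan 10 19:05:00 2007|
"""

SEVERITY_RANK = {"Security Hole": 3, "Security Warning": 2, "Security Note": 1}
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")  # CVE-2007-0000 above is a placeholder id

def parse_nbe(text):
    """Return one dict per finding; open-port-only lines and timestamps are skipped."""
    findings = []
    for line in text.splitlines():
        fields = line.split("|", 6)  # the description may itself contain '|'
        if fields[0] != "results" or len(fields) < 7:
            continue
        _, _subnet, host, port, plugin_id, severity, desc = fields
        desc = desc.replace("\\n", "\n").strip()
        findings.append({
            "host": host, "port": port, "plugin_id": plugin_id,
            "severity": severity, "rank": SEVERITY_RANK.get(severity, 0),
            "cves": CVE_RE.findall(desc), "description": desc,
        })
    return findings

def summarize(findings):
    """Map host -> Counter of severity labels."""
    summary = defaultdict(Counter)
    for f in findings:
        summary[f["host"]][f["severity"]] += 1
    return dict(summary)

def triage_order(findings):
    """Hosts sorted by their worst finding first, so holes are reviewed before notes."""
    worst = defaultdict(int)
    for f in findings:
        worst[f["host"]] = max(worst[f["host"]], f["rank"])
    return sorted(worst, key=lambda h: (-worst[h], h))
```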
Tenable Compliance Checks
- Can check settings within Windows, Unix, Solaris, and Linux:
  - File permissions, file presence
  - User/domain settings
  - Registry settings
  - Others
- User-configurable audit files
- There is even an audit file creation tool for Windows

Other Tenable Products
- Log Correlation Engine (LCE): correlate and alert on specific logs
- Passive Vulnerability Scanner (PVS): now you can scan servers without the risk
- Security Center 3.2 (SC3): manages Nessus 3, LCE and PVS from one console
- SC3 3DTool: 3D graphical tool to get your points across to management

For More Information
- www.nessus.org
- www.tenablesecurity.com
- http://blog.tenablesecurity.com/
- http://www.tenablesecurity.com/news/webinars.shtml
- http://mail.nessus.org/mailman/listinfo/