Presentation is loading. Please wait.

Presentation is loading. Please wait.

2004, Jei Nessus A Vulnerability Assessment tool A Security Scanner Information Networking Security and Assurance Lab National Chung Cheng University

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "2004, Jei Nessus A Vulnerability Assessment tool A Security Scanner Information Networking Security and Assurance Lab National Chung Cheng University"— Presentation transcript:

1 2004, Jei Nessus A Vulnerability Assessment tool A Security Scanner Information Networking Security and Assurance Lab National Chung Cheng University http://www.nessus.org

2 Outline Description & Feature Operation mode Installation Example 1 (Unix-base) Example 2 (Windows-base) Summary Information Networking Security and Assurance Lab National Chung Cheng University

3 Outline Description & Feature Operation mode Installation Example 1 (Unix-base) Example 2 (Windows-base) Summary Information Networking Security and Assurance Lab National Chung Cheng University

4 Description The “Nessus” security scanner is a software which will audit remotely a given network and determine whether someone (or something - like a worm) may break into it, or misuse it in some way Information Networking Security and Assurance Lab National Chung Cheng University

5 Feature Free Powerful Fast Modular architecture Reliable Up-to-date (#nessus-update-plugins) Information Networking Security and Assurance Lab National Chung Cheng University

6 Outline Description & Feature Operation mode Installation Example 1 (Unix-base) Example 2 (Windows-base) Summary Information Networking Security and Assurance Lab National Chung Cheng University

7 Information Networking Security and Assurance Lab National Chung Cheng University WWW FTP Mail Proxy Nessus Server-nessusd Nessus Client

8 Outline Description & Feature Operation mode Installation Example 1 (Unix-base) Example 2 (Windows-base) Summary Information Networking Security and Assurance Lab National Chung Cheng University

9 Environment Version  2.2.0 Platform  Intel X86 OS  Debian GNU/Linux Compiler  gcc-2.95 Information Networking Security and Assurance Lab National Chung Cheng University

10 Three Choices!! The easy and dangerous way!! The easy and less dangerous way!! Information Networking Security and Assurance Lab National Chung Cheng University The Debian fast way!!

11 Start Information Networking Security and Assurance Lab National Chung Cheng University

12 Add User The command User name The way of auth Type the password The rule set for the user

13 Start nessusd Information Networking Security and Assurance Lab National Chung Cheng University Run the nessusd as daemon!! Loading the plugins

14 Outline Description & Feature Operation mode Installation Example 1 (Unix-base) Example 2 (Windows-base) Summary Information Networking Security and Assurance Lab National Chung Cheng University

15 Internet The router of EE The router of CCU The router of ISU WJL.ee.ccu linux.ee.isu Environment

16 Configuration of nessus client

17 Start the scan Information Networking Security and Assurance Lab National Chung Cheng University

18 Report Information Networking Security and Assurance Lab National Chung Cheng University

19 Report with HTML Format Information Networking Security and Assurance Lab National Chung Cheng University

20 Outline Description & Feature Operation mode Installation Example 1 (Unix-base) Example 2 (Windows-base) Summary Information Networking Security and Assurance Lab National Chung Cheng University

21 Internet The router of EE The router of CCU The router of ISU WJL.ee.ccu linux.ee.isu Environment

22 Description NessusWX is a client program for Nessus security scanner which is designed specially for Windows platform Version  1.4.4 Download  http://nessuswx.nessus.org/archive/nessuswx- 1.4.4.zip Information Networking Security and Assurance Lab National Chung Cheng University

23 Setting

24 Connect to nessus server Information Networking Security and Assurance Lab National Chung Cheng University

25 Create a session

26 Execute

27 View the result

28 Report with HTML Format

29 Export to the MySQL Database (1/4) First  Let the user can access database from the location Information Networking Security and Assurance Lab National Chung Cheng University The SQL command

30 Export to the MySQL Database (2/4) Second  Create the database and the tables (create_tables.txt) Information Networking Security and Assurance Lab National Chung Cheng University

31 Export to the MySQL Database (3/4) Information Networking Security and Assurance Lab National Chung Cheng University

32 Export to the MySQL Database (4/4)

33 Outline Description & Feature Operation mode Installation Example 1 (Unix-base) Example 2 (Windows-base) Summary Information Networking Security and Assurance Lab National Chung Cheng University

34 An ounce of prevention is better than a pound of cure Information Networking Security and Assurance Lab National Chung Cheng University

Download ppt "2004, Jei Nessus A Vulnerability Assessment tool A Security Scanner Information Networking Security and Assurance Lab National Chung Cheng University"

Similar presentations

Description Competency standards Duration Learning Learning methods Show visual Learning Managemen System on Moodle Offline Show visual Learning Managemen.

Description Competency standards Duration Learning Learning methods Show visual Learning Managemen System on Moodle Offline Show visual Learning Managemen.
Managing Your Network Environment © 2004 Cisco Systems, Inc. All rights reserved. Managing Cisco IOS Devices INTRO v2.0—9-1.

Managing Your Network Environment © 2004 Cisco Systems, Inc. All rights reserved. Managing Cisco IOS Devices INTRO v2.0—9-1.
Vulnerability Assessments with Nessus 3 Columbia Area LUG January 10 2007.

Vulnerability Assessments with Nessus 3 Columbia Area LUG January
Vulnerability Analysis Borrowed from the CLICS group.

Vulnerability Analysis Borrowed from the CLICS group.
CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.

CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.
Information Networking Security and Assurance Lab National Chung Cheng University 1 A Vulnerability Assessment NIKTO.

Information Networking Security and Assurance Lab National Chung Cheng University 1 A Vulnerability Assessment NIKTO.
Information Networking Security and Assurance Lab National Chung Cheng University COUNTER HACK Chapter 6 Scanning Information Networking Security and Assurance.

Information Networking Security and Assurance Lab National Chung Cheng University COUNTER HACK Chapter 6 Scanning Information Networking Security and Assurance.
Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.

Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.
2004, Jei Tripwire An Intrusion Detection Tool Information Networking Security and Assurance Lab National Chung Cheng University.

2004, Jei Tripwire An Intrusion Detection Tool Information Networking Security and Assurance Lab National Chung Cheng University.
Nessus – A Vulnerability Scanning Tool SUNY Technology Conference June 2003.

Nessus – A Vulnerability Scanning Tool SUNY Technology Conference June 2003.
Information Networking Security and Assurance Lab National Chung Cheng University F.I.R.E. Forensics & Incident Response Environment.

Information Networking Security and Assurance Lab National Chung Cheng University F.I.R.E. Forensics & Incident Response Environment.
Information Networking Security and Assurance Lab National Chung Cheng University 1 A Real World Attack: wu-ftp.

Information Networking Security and Assurance Lab National Chung Cheng University 1 A Real World Attack: wu-ftp.
Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/031 A Real World Attack: wu-ftp Cao er kai ( 曹爾凱 )

Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/031 A Real World Attack: wu-ftp Cao er kai ( 曹爾凱 )
Information Networking Security and Assurance Lab National Chung Cheng University Analysis Console for Intrusion Databases.

Information Networking Security and Assurance Lab National Chung Cheng University Analysis Console for Intrusion Databases.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
OpenVAS Vulnerability Assessment Group 5 Igibek Koishybayev; Yingchao Zhu ChenQian; XingyuWu; XuZhuo Zhang.

OpenVAS Vulnerability Assessment Group 5 Igibek Koishybayev; Yingchao Zhu ChenQian; XingyuWu; XuZhuo Zhang.
Information Networking Security and Assurance Lab National Chung Cheng University Backdoors and Remote Access Tools INSA Laboratory.

Information Networking Security and Assurance Lab National Chung Cheng University Backdoors and Remote Access Tools INSA Laboratory.
Microsoft Baseline Security Analyzer INLS 187 Security Software Presentation by Hinár György Polczer

Microsoft Baseline Security Analyzer INLS 187 Security Software Presentation by Hinár György Polczer
2004, Jei F.I.R.E. Forensics & Incident Response Environment Information Networking Security and Assurance Lab National Chung Cheng University.

2004, Jei F.I.R.E. Forensics & Incident Response Environment Information Networking Security and Assurance Lab National Chung Cheng University.
Information Networking Security and Assurance Lab National Chung Cheng University Yaha.

Information Networking Security and Assurance Lab National Chung Cheng University Yaha.

Similar presentations

Ads by Google