Presentation is loading. Please wait.

Presentation is loading. Please wait.

Nessus – A Vulnerability Scanning Tool SUNY Technology Conference June 2003.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Nessus – A Vulnerability Scanning Tool SUNY Technology Conference June 2003."— Presentation transcript:

1 Nessus – A Vulnerability Scanning Tool SUNY Technology Conference June 2003

2 Bill Kramp Finger Lakes Community College Canandaigua, NY krampwd@flcc.edu

3 Outline What is Nessus? Why use it? System and Software ConfigurationScanningReportsDemonstrationDiscussion

4 Nessus Vulnerability scanning tool Open source Zero software costs Zero annual maintenance costs Minimal hardware needs

5 Why scan? To meet your campus security policy. To find out what services are running. To double check that software patches are installed correctly. If you don’t find the holes, the hackers will. Like Martha says “It’s a good thing”.

6 System Requirements Server: Linux Linux Solaris Solaris FreeBSD FreeBSDClients: Win32 Win32 X11 X11 Java Java

7 Server Software Four basic parts to the Nessus server: Nessus-core Nessus-core Nessus-libraries Nessus-libraries Libnasl Libnasl Nessus-plugins Nessus-plugins

8 Plugins Plugins are the scripts that perform the vulnerability tests. NASL – This is the Nessus Attack Scripting Language which can be used to write your own plugins. Nessus-update-plugins command– A script that will download new, or updated Nessus plugins. Can be run manually or from cron. 1600 plugins available as of June 10, 2003

9 Port Scanners Port scanning will detect the ports (services) available. Port scanning types: Ping Ping SYN scan SYN scan Tcp connect() scan Tcp connect() scan Scan for LaBrea tarpitted hosts Scan for LaBrea tarpitted hosts SNMP port scan SNMP port scan Can define port ranges to scan

10 Defining Targets Hosts Server.domain.edu Server.domain.edu 172.21.1.2 172.21.1.2Subnet 192.168.100.0 192.168.100.0 Address range 192.168.1.1-192.168.1.10 192.168.1.1-192.168.1.10

11 Vulnerability Scanning Scanning methods: Safe Safe Destructive Destructive Service recognition – Will determine what service is actually running on a particular port. Handle multiple services – Will test a service if it appears on more then one port. Will test multiple systems at the same time.

12 Viewing Reports Nessus will indicate the threat level for services or vulnerabilities it detects: Low severity – Notification of issues Low severity – Notification of issues Medium severity – Warnings to think about Medium severity – Warnings to think about High severity – Issues that should be resolved High severity – Issues that should be resolved Description of vulnerability Risk factor CVE number

13 Common Vulnerabilities and Exposures CVE created by http://www.cve.mitre.org/ http://www.cve.mitre.org/ Attempting to standardize the names for vulnerabilities. Attempting to standardize the names for vulnerabilities. CVE search engine at http://icat.nist.gov/

14 Report Options Output types: Text Text HTML HTML PDF PDF Filter by severity Sort by host or vulnerability

15 Export Options Comma Separated MySQLSQL Nessus.nsl

16 User Accounts Nessus supports individual accounts. Different rules can be applied to each account: Limit access to specific host(s) Limit access to specific host(s) Limit access by subnets Limit access by subnets Have no restrictions Have no restrictions

17 Connecting to Nessus Server

18 Define the Targets

19 Selecting Plugins

20 Scanning…

21 Testing Completed

22 Viewing Session Results

23 Nessus Resources http://www.nessus.org/ Nessus PHP Interface (to MySQL): http://enterprise.bidmc.harvard.edu/pub/n essus-php/ http://enterprise.bidmc.harvard.edu/pub/n essus-php/ http://enterprise.bidmc.harvard.edu/pub/n essus-php/ Win32 Client: http://nessuswx.nessus.org/ http://nessuswx.nessus.org/ Gnome Client: http://sussen.sourceforge.net/

24 Commercial Products SecureScan http://www.vigilante.com/ http://www.vigilante.com/ Retina http://www.eeye.com/ http://www.eeye.com/ Internet Scanner http://www.iss.net/ http://www.iss.net/

25 Discussion Does any campus have policies to test? What software are other campuses using?

26 Nessus – A Vulnerability Scanning Tool A complete copy of the Power Point presentation will be available on the college website at http://paws.flcc.edu/~krampwd/

Download ppt "Nessus – A Vulnerability Scanning Tool SUNY Technology Conference June 2003."

Similar presentations

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 5 Port Scanning.

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 5 Port Scanning.
Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning.

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning.
Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last updated 9-18-08.

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last updated
Network Security and Audits LITN Fall Conference 2006 Presented by Katie Givens Mosaic.

Network Security and Audits LITN Fall Conference 2006 Presented by Katie Givens Mosaic.
Monitoring Your Network Chris Bamber, IT Systems Manager Somerville College Confidentiality: The contents of this presentation and workshop discussion.

Monitoring Your Network Chris Bamber, IT Systems Manager Somerville College Confidentiality: The contents of this presentation and workshop discussion.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
9-Performing Vulnerability Assessments Dr. John P. Abraham Professor UTPA.

9-Performing Vulnerability Assessments Dr. John P. Abraham Professor UTPA.
Vulnerability Assessments with Nessus 3 Columbia Area LUG January 10 2007.

Vulnerability Assessments with Nessus 3 Columbia Area LUG January
Vulnerability Analysis Borrowed from the CLICS group.

Vulnerability Analysis Borrowed from the CLICS group.
CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.

CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.
Scanning February 23, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Scanning February 23, 2010 MIS 4600 – MBA © Abdou Illia.
2004, Jei Nessus A Vulnerability Assessment tool A Security Scanner Information Networking Security and Assurance Lab National Chung Cheng University

2004, Jei Nessus A Vulnerability Assessment tool A Security Scanner Information Networking Security and Assurance Lab National Chung Cheng University
Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.

Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.
Microsoft Baseline Security Analyzer INLS 187 Security Software Presentation by Hinár György Polczer

Microsoft Baseline Security Analyzer INLS 187 Security Software Presentation by Hinár György Polczer
1 GFI LANguard Network Security Scanner. 2 Contents Introduction Features Source & Installation Testing environment Results Conclusion.

1 GFI LANguard Network Security Scanner. 2 Contents Introduction Features Source & Installation Testing environment Results Conclusion.
Vulnerability Types And How to Use Them.

Vulnerability Types And How to Use Them.
Port Scanning.

Port Scanning.
Linux Operations and Administration

Linux Operations and Administration

Similar presentations

Ads by Google