It’s been said a million times before: security scanning tools are a necessity for pen-testing, information gathering, and sometimes general computer use. Used properly, a security scanner can give you a head start on upgrading your security applications.
For pen-testers, a security scanner can make or break an important job. Because the potential uses are so broad, a variety of tools exist for this purpose. One of the more popular options is a remote security scanning tool called Nessus.
CMU’s website describes the tool:
“[Nessus] is a remote security scanning tool, which scans a computer and raises an alert if it discovers any vulnerabilities that malicious hackers could use to gain access to any computer you have connected to a network. It does this by running over 1200 checks on a given computer, testing to see if any of these attacks could be used to break into the computer or otherwise harm it.”
For Linux-based users, the installation is simple:
- (sudo) dpkg --install Nessus-4.4.1-debian5_i386.deb (example version – check for most recent)
- /opt/nessus/sbin/nessus-adduser (enter password if you’re not already root)
- Register your product and copy the activation code when the email is received
- /opt/nessus/bin/nessus-fetch --register CODEHERE
- /etc/init.d/nessusd start
- Type in your browser: https://127.0.0.1:8834/
- Login and follow installation prompts
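
A follow-up check for the steps above, as an added example that is not from the original article or from the Nessus project: once nessusd is started, it reads `ss -ltn` output and reports whether the web interface on port 8834 is bound to loopback only or is also reachable from other hosts. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the article): report which addresses the Nessus
# web UI port is bound to, given `ss -ltn` style text on stdin.
NESSUS_PORT=8834   # port taken from the browser step above

# Constructed sample listing, used only for the demo at the bottom.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    0.0.0.0:8834       0.0.0.0:*
LISTEN 0      128    [::1]:631          [::]:*'

# Print "<scope> <address>" for every listener on port $1, where scope is
# "loopback" (127.x or [::1]) or "exposed" (any other bind address).
classify_listeners() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            addr = $4                          # e.g. 0.0.0.0:8834, [::1]:8834
            n = split(addr, parts, ":")
            if (parts[n] != port) next         # last field is the port
            sub(":" port "$", "", addr)        # keep only the address part
            scope = (addr ~ /^127\./ || addr == "[::1]") ? "loopback" : "exposed"
            print scope, addr
        }'
}

# Exit status: 0 = loopback only, 1 = reachable from other hosts,
# 2 = nothing listening on the port (service not started).
exposure_status() {
    report=$(classify_listeners "$NESSUS_PORT")
    [ -n "$report" ] || return 2
    case "$report" in
        *exposed*) return 1 ;;
    esac
    return 0
}

# Demo on the constructed sample; on a real host use: ss -ltn | exposure_status
printf '%s\n' "$SAMPLE_SS" | classify_listeners "$NESSUS_PORT"
```

An "exposed" result means the scanner's login page, and the scan results behind it, can be reached by anything that can route to the host, so a host firewall rule or a narrower listen address is worth setting before the first scan.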
Key features of Nessus (courtesy of Infosec Institute) include:
- Identifies vulnerabilities that allow a remote attacker to access sensitive information from the system
- Checks whether the systems in the network have the latest software patches
- Tries default passwords and common passwords on system accounts
- Configuration audits
- Vulnerability analysis
- Mobile device audits
- Customized reporting