Project 12: Nessus (15 points)

What You Need

The Kali 2 virtual machine you set up in a previous project
A Windows target machine to scan, real or virtual

Downloading and Installing Nessus

In your Kali virtual machine, open IceWeasel. Go to :

https://www.tenable.com/products/nessus/nessus-plugins/obtain-an-activation-code

On the left side, at the bottom of the "Free" section, click "Register Now".

Enter your name and email address to get a registration code.

Click the Register button.

On the next page, Click the Download button.

On the "Download Nessus" page, download the "Debian 6 and 7" version. If you are using the VM I recommended for this class, it's 32-bit Kali.

On your Kali machine, in a Terminal window, execute these commands:

cd Downloads/ dpkg -i Nessus-6.5.5-debian6_i386.deb
/etc/init.d/nessusd start

In IceWeasel, go to this URL:

https://localhost:8834

A page appears, saying "This Connection is Untrusted", as shown below.

Click the yellow triangle to expand the "I Understand the Risks" section.

Click the "Add Exception..." button.

In the "Add Security Exception" box, click the "Confirm Security Exception" button.

A "Welcome to Nessus 6" page appears, as shown below.

Click the Continue button.

In the "Account Setup" page, enter these values (or any other values you can remember):

Username: root
Password: toor
Confirm Password: toor

Click the Continue button.

A box pops up asking whether to remember the password. Close that box with the X in its upper right corner.

In the "Product Registration" page, enter the Activation Code you got from your email and click the Continue button.

Wait while the product downloads more software, as shown below. This will take some time, perhaps 15 minutes.

Scanning a Windows Target

Launch a Windows machine to scan, such as the Windows Server 2008 VM we've been using. If you are in S214, you can use any of the Windows 10 machines as a target.

On your Windows machine, open a Command Prompt window and execute the IPCONFIG command to find its IP address.

On your Kali machine, open a Terminal window and ping your Windows machine. Make sure you can see replies, as shown below.

If you don't get replies, you need to troubleshoot your network connections. Make sure the firewall is off on the Windows machine.

The simplest way to resolve network connection problems is to place all virtual machines in Bridged mode. That way you can scan either real or virtual machines.

Scanning the Windows Machine

On Kali, in IceWeasel, the Nessus page asks you to log in. Log in with these credentials:

Username: root
Password: toor

At the center top of the Nessus page, click Scans.

On the left side, click the "New Scan" button.

On the next page, click "Basic Network Scan", as shown below.

Fill in these values, as shown below.

Name: Win-YOURNAME, replacing "YOUR NAME" with your own name
Description: leave blank
Folder: "My Scans"
Targets: 192.168.119.129 -- replace this with the IP address of your Windows machine

At the bottom of the page, click the Save button.

A box pops up asking whether to remember your password. Close it.

In the "Scans/My Scans" page, in the "Win-YOURNAME" line, on the right side, click the faint gray triangle to start your scan, as outlined in green in the image below.

The "Scans" page shows your scan running, with a little green icon turning, as shown below.

The scan should take 5-6 minutes. When it completes, the green rotating icon changes to a green checkmark. as shown below.

Viewing the Scan Results

Click the green checkmark to see the scan results. Nessus color-codes the vulnerabilities it finds. "Critical" vulnerabilities, are shown as red regions in the charts, as shown below.

CLick one of the colored regions to see a detailed list of vulnerabilities, as shown below.

Capturing a Screen Image

Make sure the Nessus page is visible, showing these two required items:

YOURNAME in the title
At least one result (it need not be "Critical"; it might just be "Info")

Capture a whole-desktop image and save it as "Proj 12".

YOU MUST SEND IN A WHOLE-DESKTOP IMAGE FOR FULL CREDIT

Evaluating the Results

Click a few of the the vulnerabilities and read the descriptions of them, as shown below.

This is an essential part of any vulnerability analysis--an intelligent human must evaluate the results to decide how important they really are to the company.

Scanners almost always flag a lot of problems as CRITICAL when they aren't really so important.

Turning in Your Project

Email the images to cnit.120@gmail.com with a subject line of "Proj 12 From YOUR NAME", replacing "YOUR NAME" with your real name.

Send a Cc to yourself.

Sources

https://www.cybrarypentesting.com/how-to-install-nessus-on-kali-linux-2-0/

Nessus: Forget the administrator password

Last Modified: 4-12-16