







Network Vulnerability Scanning using Nessus
Task 1: Install and activate Nessus 6.4.0
Drag and drop the Nessus-6.4.0-debian6_amd64.deb file into Kali Linux
Install Nessus 6.4.0 and start the service using the following commands
    dpkg -i Nessus-6.4.0-debian6_amd64.deb
    /etc/init.d/nessusd start
Access the Nessus web interface via https://:8834
Create a Nessus user account:
o Username: comp4632
o Password: pass4632
An activation code is required for product registration
Register for an activation code on the Nessus website
o https://www.tenable.com/products/nessus-home
An email containing the activation code will be sent to your email address
Select “Nessus (Home, Professional or Manager)” and enter the activation code in the Nessus web interface
Nessus will automatically update the plugins and perform initialization
Task 2: Create New Nessus Policy
Power on the Kali Linux virtual machine
Access the Nessus web interface via https://:8834
Log in to Nessus with the credentials created previously
o Username: comp4632
o Password: pass4632
The following page would be shown after successful logon
Create a new scanning policy
o Select Policies => New Policy => Advanced Scan
In the Settings tab, enter the following information
• Basic => General => Name: Comp4632_InternalScan
• Assessment => General => Override normal accuracy => Show potential false alarms
• Assessment => General => Perform thorough tests (may disrupt your network or impact scan speed)
• Assessment => Brute Force => Only use credentials provided by the user (uncheck)
In the Credentials tab, enter the following information
• Credentials => Host => SSH => Authentication Method: Password
• Credentials => Host => SSH => Username: root
• Credentials => Host => SSH => Password (unsafe!): admin123
In the Plugins tab, disable the following plugin
o Denial of Service
Save the policy
Task 3: Create New Nessus Scan
Select Scans => New Scan => User => Comp4632_InternalScan
Enter the following information in Basic => General
o Name:
o Description:
o Targets: webserver and the dbserver>
Click Save and start the scan
Review the vulnerabilities after the scanning is completed