In this course led by Dr. Andy Wu, learn about the fundamentals of IT security, focusing on vulnerability scanning and the capabilities of Nessus, a market leader in the field. Gain insights into Nessus architecture, including client-server interactions, and the extensive range of plugins that identify potential vulnerabilities such as unpatched operating systems, outdated applications, and misconfigured accounts. Explore the advanced reporting capabilities of Nessus and its effective scanning policies, and understand how to successfully protect networks from security threats.
VULN SCANNING BCIS 4630 Fundamentals of IT Security Dr. Andy Wu

Overview
• Nessus
• Architecture
• Plugins
• Reporting

Vulnerability Scanning
• Scans the target for potential problems that leave the target vulnerable to attacks:
    • Unpatched OS
    • Outdated applications
    • Insecure accounts
    • Misconfigurations
    • Etc.
• Nessus is a market leader in vulnerability scanning.
• Major contenders include SATAN, SAINT, Retina, etc.

Nessus Architecture
• Client-server architecture.
• The program is in fact installed on the Nessus server.
• Includes a large number of plugins.
• Each plugin corresponds to a particular vulnerability to check for.
• Well organized and tied to industry vulnerability databases.
• Plugins are organized into “families”.
• A policy controls which vulnerability checks are loaded (that is, which vulnerabilities are scanned for).

Nessus Server
• The server component receives scanning requests from the client and performs the actual scan.
• Runs as a service.
• The management port is 8834.
• Maintains a list of user accounts.
• A user account is required for scanning.
• Two types of accounts: admin and regular.

Nessus Client
• Connects to the server to perform the scan.
• Typical thin-client (browser) application.
• SSL connection to the server.
• Can create its own “private” scanning policies, or use “shared” policies created by the administrator.

Reporting Capabilities
• Dynamic, context-driven, tabbed views in Web browser
• Overview, executive summary reports
• Detailed reports by port numbers/vulnerability IDs
• Exported to HTML or rich-text formats
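
The by-port and by-vulnerability-ID views described above can be reproduced offline from a scan export. The following is an added example, not part of the original slides: it assumes the scan was exported in the `.nessus` (v2 XML) format, which the slides do not mention, and runs on a constructed sample whose hosts, plugin IDs and plugin names are made up.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample in the .nessus v2 XML layout; hosts, plugin IDs and
# names are made up for illustration and are not real Nessus plugin IDs.
SAMPLE = """<NessusClientData_v2>
 <Report name="constructed-demo">
  <ReportHost name="192.0.2.10">
   <ReportItem port="445" protocol="tcp" svc_name="cifs" severity="4"
               pluginID="900001" pluginFamily="Windows"
               pluginName="Missing OS security update (constructed)"/>
   <ReportItem port="80" protocol="tcp" svc_name="www" severity="2"
               pluginID="900002" pluginFamily="Web Servers"
               pluginName="Outdated web server version (constructed)"/>
  </ReportHost>
  <ReportHost name="192.0.2.11">
   <ReportItem port="80" protocol="tcp" svc_name="www" severity="2"
               pluginID="900002" pluginFamily="Web Servers"
               pluginName="Outdated web server version (constructed)"/>
   <ReportItem port="0" protocol="tcp" svc_name="general" severity="0"
               pluginID="900003" pluginFamily="General"
               pluginName="Scan information (constructed)"/>
  </ReportHost>
 </Report>
</NessusClientData_v2>"""

def load_findings(xml_text, min_severity=1):
    """Return one dict per ReportItem at or above min_severity (0 = info)."""
    findings = []
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            if int(item.get("severity", "0")) < min_severity:
                continue
            findings.append({"host": host.get("name"),
                             "port": f'{item.get("port")}/{item.get("protocol")}',
                             "plugin_id": item.get("pluginID"),
                             "family": item.get("pluginFamily"),
                             "severity": int(item.get("severity"))})
    return findings

def group_by(findings, key):
    """Map each value of `key` (e.g. 'port', 'plugin_id') to sorted affected hosts."""
    groups = defaultdict(set)
    for f in findings:
        groups[f[key]].add(f["host"])
    return {k: sorted(v) for k, v in groups.items()}

if __name__ == "__main__":
    found = load_findings(SAMPLE)
    for view in ("port", "plugin_id", "family"):
        print(view, group_by(found, view))
```

For export files that come from an untrusted source, swap the standard-library parser for a hardened one such as `defusedxml`.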