Tip

How to run a Nessus system scan

In our previous tip in this series on using Nessus in the enterprise, we detailed the process of downloading and installing Nessus. Now we'll examine how to use this powerful, open source vulnerability scanner

    Requires Free Membership to View

    Login

to monitor systems for security issues.

To get started, open the Nessus client by choosing it from the Start -> Tenable Network Security -> Nessus menu. The opening screen is shown below:


See larger image

Click the Connect button to connect to a Nessus server. Use the default "localhost" option if the client and server are running on the same host. Otherwise, enter the appropriate server details by clicking the "+" button.

Next, click the "+" icon underneath the "Networks to Scan" section of the screen. Specify a scan target by identifying a single host (by DNS name or IP address), an IP address range, a subnet with mask or a file containing a list of hosts. Provide the appropriate information for the scan target as shown in the example below:


See larger image

After saving the scan target, highlight the default scan policy option in the "Select a scan policy" portion of the window. This will load the Nessus default scan settings. Click on the "+" icon to edit those defaults. This will bring up the Edit Policy window shown below:


See larger image

Pay careful attention to the "Safe checks" option on this tab. Checking this box ensures that Nessus only runs plugins designated by their developers as "non-dangerous." This box should always be checked when running a scan against a production system, as the unsafe plugins could cause an unintentional denial of service on the target system. (On the other hand, if you can do it, so can the bad guys!)

After setting the appropriate options for the scan, click the "Save" button. Then initiate the scan by clicking the "Scan now" button on the main Nessus screen.

It's important to note that scanning a single system could take several minutes or longer, depending upon the options and network size. Scanning a large network could even take hours or days!

Nessus presents scan results in report format, such as the example shown below:


See larger image

Navigate through this report to view the various alerts shown for each system grouped by host, port and severity.

That's all there is to it! You now have the basic information you need to conduct vulnerability scans with Nessus.


NESSUS TUTORIAL

  Introduction: What is Nessus?
  How to install and configure Nessus
  How to run a system scan
  Using Nessus Attack Scripting Language (NASL)
  Vulnerability scanning in the enterprise
  How to simplify security scans
  How to use Nessus with the SANS Top 20

ABOUT THE AUTHOR:
Mike Chapple, CISSP is an IT Security Professional with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Mike is a frequent contributor to SearchSecurity, a technical editor for Information Security magazine and the author of several information security titles including the CISSP Prep Guide and Information Security Illuminated.


This was first published in June 2008

Join the conversationComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.

    Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

    Back to top