Problem solve Get help with specific problems with your technologies, process and projects.

How to run a Nessus system scan

In the second tip in our series on running Nessus in the enterprise, our contributor takes you step-by-step through the process of running a Nessus system scan. View screenshots of the Nessus interface and learn commands for the Unix Nessus GUI.

In our previous tip

in this series on using Nessus in the enterprise, we detailed the process of downloading and installing Nessus. Now we'll examine how to use this powerful, open source vulnerability scanner to monitor systems for security issues.

To get started, open the Nessus client by choosing it from the Start -> Tenable Network Security -> Nessus menu. The opening screen is shown below:

See larger image

Click the Connect button to connect to a Nessus server. Use the default "localhost" option if the client and server are running on the same host. Otherwise, enter the appropriate server details by clicking the "+" button.

Next, click the "+" icon underneath the "Networks to Scan" section of the screen. Specify a scan target by identifying a single host (by DNS name or IP address), an IP address range, a subnet with mask or a file containing a list of hosts. Provide the appropriate information for the scan target as shown in the example below:

See larger image

After saving the scan target, highlight the default scan policy option in the "Select a scan policy" portion of the window. This will load the Nessus default scan settings. Click on the "+" icon to edit those defaults. This will bring up the Edit Policy window shown below:

See larger image

Pay careful attention to the "Safe checks" option on this tab. Checking this box ensures that Nessus only runs plugins designated by their developers as "non-dangerous." This box should always be checked when running a scan against a production system, as the unsafe plugins could cause an unintentional denial of service on the target system. (On the other hand, if you can do it, so can the bad guys!)

After setting the appropriate options for the scan, click the "Save" button. Then initiate the scan by clicking the "Scan now" button on the main Nessus screen.

It's important to note that scanning a single system could take several minutes or longer, depending upon the options and network size. Scanning a large network could even take hours or days!

Nessus presents scan results in report format, such as the example shown below:  

See larger image

Navigate through this report to view the various alerts shown for each system grouped by host, port and severity.

That's all there is to it! You now have the basic information you need to conduct vulnerability scans with Nessus.


  Introduction: What is Nessus?

  How to install and configure Nessus

  How to run a system scan

  Using Nessus Attack Scripting Language (NASL)

  Vulnerability scanning in the enterprise

  How to simplify security scans

  How to use Nessus with the SANS Top 20

ABOUT THE AUTHOR: Mike Chapple, CISSP is an IT Security Professional with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Mike is a frequent contributor to SearchSecurity, a technical editor for Information Security magazine and the author of several information security titles including the CISSP Prep Guide andInformation Security Illuminated.

This was last published in June 2008

Dig Deeper on Open source security tools and software