In our previous tip
in this series on using Nessus in the enterprise, we detailed the process of downloading and installing Nessus. Now we'll examine how to use this powerful, open source vulnerability scanner to monitor systems for security issues.
To get started, open the Nessus client by choosing it from the Start -> Tenable Network Security -> Nessus menu. The opening screen is shown below:
Click the Connect button to connect to a Nessus server. Use the default "localhost" option if the client and server are running on the same host. Otherwise, enter the appropriate server details by clicking the "+" button.
Next, click the "+" icon underneath the "Networks to Scan" section of the screen. Specify a scan target by identifying a single host (by DNS name or IP address), an IP address range, a subnet with mask or a file containing a list of hosts. Provide the appropriate information for the scan target as shown in the example below:
After saving the scan target, highlight the default scan policy option in the "Select a scan policy" portion of the window. This will load the Nessus default scan settings. Click on the "+" icon to edit those defaults. This will bring up the Edit Policy window shown below:
Pay careful attention to the "Safe checks" option on this tab. Checking this box ensures that Nessus only runs plugins designated by their developers as "non-dangerous." This box should always be checked when running a scan against a production system, as the unsafe plugins could cause an unintentional denial of service on the target system. (On the other hand, if you can do it, so can the bad guys!)
After setting the appropriate options for the scan, click the "Save" button. Then initiate the scan by clicking the "Scan now" button on the main Nessus screen.
It's important to note that scanning a single system could take several minutes or longer, depending upon the options and network size. Scanning a large network could even take hours or days!
Nessus presents scan results in report format, such as the example shown below:
Navigate through this report to view the various alerts shown for each system grouped by host, port and severity.
That's all there is to it! You now have the basic information you need to conduct vulnerability scans with Nessus.
How to run a system scan
Vulnerability scanning in the enterprise
How to simplify security scans
How to use Nessus with the SANS Top 20
ABOUT THE AUTHOR: Mike Chapple, CISSP is an IT Security Professional with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Mike is a frequent contributor to SearchSecurity, a technical editor for Information Security magazine and the author of several information security titles including the CISSP Prep Guide andInformation Security Illuminated.