Home How To Installation and Use of Nessus in Vulnerability Scanning
How ToTechVulnerabilities

Installation and Use of Nessus in Vulnerability Scanning

by Unallocated Author
written by Unallocated Author

It’s been said a million times before: security scanning tools are a necessity for pen-testing, information gathering, and sometimes general computer use. When fulfilled, a security scanner can give you a head start on upgrading your security applications.

For pen-testers, a security scanner can be the making or breaking of an important job. Due to the endless potential, a variety of different tools exist for this purpose. One of the more popular options is a remote security scanning tool called Nessus.

CMU’s website describes the tool,

“[Nessus] is a remote security scanning tool, which scans a computer and raises an alert if it discovers any vulnerabilities that malicious hackers could use to gain access to any computer you have connected to a network.  It does this by running over 1200 checks on a given computer, testing to see if any of these attacks could be used to break into the computer or otherwise harm it.”

For Linux based users, the installation is simple:
  1. (sudo) dpkg –install Nessus-4.4.1-debian5_i386.deb (example version – check for most recent)
  2. /opt/nessus/sbin/nessus-adduser (enter password if you’re not already root)
  3. Register your product & copy activation code when email is received
  4. /opt/nessus/bin/nessus-fetch –register CODEHERE
  5. /etc/init.d/nessusd start
  6. Type in your browser: https://127.0.0.1:8834/
  7. Login and follow installation prompts

Learning the interface of Nessus is simple enough. It can also be used for a variety of different things. Like any tool, research is your friend and practice makes perfect.

Key features of Nessus (courtesy of Infosec Institute) include:
  • Identifies vulnerabilities that allow a remote attacker to access sensitive information from the system
  • Checks whether the systems in the network have the latest software patches
  • Tries with default passwords, common passwords, on systems account
  • Configuration audits
  • Vulnerability analysis
  • Mobile device audits
  • Customized reporting

In conclusion, it’s not a bad idea to get friendly with Nessus. A computer is your digital playground, after all.

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

You may also like

Safeguarding ERP Systems in the Digital Age: The...

How Artificial Intelligence Technology Affects Fintech Companies &...

Invision Community Vulnerabilities Risk E-Commerce Websites

Microsoft April Patch Tuesday Fixes Dozens of RCE...

Mitigating the Impact of Data Breaches Through DDR

“Let’s Get the Third Party Started In Here,”

Exploring HelpWire: A New Option in Free Remote...

Understanding Cybersecurity Basics for Businesses

Evolving Trends in Cloud Data Protection for 2024

LayerSlider WordPress Plugin Vulnerability Affected Thousands Of Websites