Vulnerability Assessment and Penetration to Linux OS with Nessus

Yiğit Okur
Mar 8, 2022

Nessus is a vulnerability scanning program that is widely used in the cybersecurity community. It is free for personal and non-commercial use. Its primary goal is to identify possible security flaws in computer systems and networks. Nessus is far more advanced than port scanning software. While tools like nmap can only offer information on the host server or machine’s operating system and open ports, Nessus can test services for vulnerabilities, depending on how up to date its plugins are. Cybersecurity organizations use it often, and it is among the indispensable tools of cybersecurity employees.

To install Nessus, we first go to the Nessus website and download the installation file for our operating system.

After the download is complete, we complete the installation with the following commands.

We run the Nessus service and make sure it is running.

Then we access the web interface by typing https://localhost:8834/ in our web browser.

After setting up details such as username, password, and e-mail, we complete that part with the activation code sent to our e-mail address.

We are now logged in to the Nessus web interface, which offers many options, as you can see. Now we are ready to run a Basic Network Scan.

After our scan is over, we click on our scan name again on the My Scans screen and we see the scanned IPs and the severity levels of the vulnerabilities found on these IPs:

You can access the details of these vulnerabilities by clicking on them. A description section contains information about the vulnerability, and a solution section explains how we can fix it. As you can see in this vulnerability, a service is listening on the port without requiring any authentication. An attacker could exploit this by connecting to the remote port and sending commands directly.

We will try to gain access to the machine with VNC.

And we are inside. As can be seen from the screenshot, we logged into the metasploitable machine as root user.

In addition, Nessus can report the vulnerabilities found in PDF, HTML and CSV formats. We select PDF from the Report Format section at the top right of the screen, and after selecting the Report Template, we select Generate Report.

Our report is ready as a PDF. By selecting Plugins here, we can access the page that gives us the Description and Solution information.
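The CSV format mentioned above is the easiest one to process after a scan. The following is an added example, not part of the original article: it turns an export into per-host severity counts and a remediation queue sorted by risk. The column names (`Plugin ID`, `Risk`, `Host`, `Port`, `Name`, `Solution`) are assumed to be selected in the export, and all rows are constructed sample data.

```python
import csv
import io
from collections import Counter, defaultdict

# Constructed sample rows (placeholder plugin IDs, documentation IP range).
# Assumption: the export includes the columns named in the header below.
SAMPLE_CSV = """Plugin ID,CVE,Risk,Host,Protocol,Port,Name,Solution
900002,,Critical,192.0.2.10,tcp,8080,Constructed: unsupported software version,Upgrade to a supported version
900001,,Critical,192.0.2.10,tcp,5900,Constructed: remote desktop service without authentication,Require authentication or disable the service
900003,,Medium,192.0.2.10,tcp,80,Constructed: outdated web server,Upgrade the server
900004,,None,192.0.2.10,tcp,22,Constructed: service detection,n/a
900005,,High,192.0.2.20,tcp,445,Constructed: legacy file sharing enabled,Disable the legacy protocol
900005,,High,192.0.2.20,tcp,445,Constructed: legacy file sharing enabled,Disable the legacy protocol
"""

SEVERITY_ORDER = {"Critical": 0, "High": 1, "Medium": 2, "Low": 3, "None": 4}

def load_findings(text):
    """Parse CSV text, dropping repeats of the same (host, port, plugin)."""
    seen, findings = set(), []
    for row in csv.DictReader(io.StringIO(text)):
        key = (row["Host"], row["Port"], row["Plugin ID"])
        if key in seen:
            continue
        seen.add(key)
        # Blank or unknown risk values are treated as informational.
        row["Risk"] = row["Risk"] if row["Risk"] in SEVERITY_ORDER else "None"
        findings.append(row)
    return findings

def severity_by_host(findings):
    """Return {host: {risk: count}} for a quick per-IP overview."""
    counts = defaultdict(Counter)
    for f in findings:
        counts[f["Host"]][f["Risk"]] += 1
    return {host: dict(c) for host, c in counts.items()}

def remediation_queue(findings, minimum="High"):
    """List findings at or above `minimum`, worst first, with their fix."""
    cutoff = SEVERITY_ORDER[minimum]
    urgent = [f for f in findings if SEVERITY_ORDER[f["Risk"]] <= cutoff]
    urgent.sort(key=lambda f: (SEVERITY_ORDER[f["Risk"]], f["Host"], int(f["Port"])))
    return [(f["Risk"], f["Host"], f["Port"], f["Name"], f["Solution"]) for f in urgent]

if __name__ == "__main__":
    rows = load_findings(SAMPLE_CSV)
    for host, counts in severity_by_host(rows).items():
        print(host, counts)
    for item in remediation_queue(rows):
        print(" | ".join(item))
```

To use it on a real export, read the file's contents and pass the text to `load_findings` in place of `SAMPLE_CSV`.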

Conclusion: I tried to explain what purposes Nessus serves and what benefits it brings to us. I have shown how we can simply exploit the vulnerability that Nessus has identified. I think this article will be helpful to people who are just starting to show interest in penetration testing and cyber security.
