Welcome to Bucaro TecHelp!

Bucaro TecHelp
HTTPS Encryption not required because no account numbers or
personal information is ever requested or accepted by this site

About Bucaro TecHelp About BTH User Agreement User Agreement Privacy Policy Privacy Site Map Site Map Contact Bucaro TecHelp Contact RSS News Feeds News Feeds

Nessus Network Vulnerability Scanner

Nessus is a proprietary network vulnerability scanning program. Nessus was first released as free and open source software, but in 2005, its developer closed public access to the source code and began charging a $1200 annual subscription fee (a free home version is still available for non-commercial use). Nessus is available for both Windows and Linux.

Nessus Network Vulnerability Scanner

Nessus scans network hosts for vulnerabilities and generates reports on its findings. It can scan for the following:

Vulnerabilities that allow a hacker to access a system.
Misconfigurations that make the system vulnerable.
Outdated and vulnerable software.
Insecure, blank, or default passwords.
Vulnerability to dos attacks.

Starting with version 4, the Nessus moved from standard application format to a browser based application that utilizes plugins. When Nessus can connect to the Internet it automatically downloads the latest plugins. Nessus operates as a server and as a client. The Nessus server performs the actual scanning while the client presents the user interface and passes commands to the server.

Before you can initiate a scan, you need to make sure the Nessus server is running on your system. In Task Manager check to see if nessusd.exe is running. If not, open the Services Management Console, services.msc, scroll to Tenable Nessus, right-click on the Nessus line and, in the popup menu that appears, choose "Start".

Once the server is running, open your web browser and go to https:⁄⁄[your_IP_address]:8834 or https:⁄⁄localhost:8834 To proceed, you must create a user account in the Nessus server. When you have logged into the Nessus server, you'll see the Nessus interface where you can configure scan policies. Scan policies controls the options and features the scan will use for inspecting target hosts. If you want the scan to login to the target hosts, you need to provide it with valid credentials to use.

When you start the scan, Nessus will ping the target hosts, probe their ports, attempt to identify the operating systems, and detect the running services. You can monitor the entire scan or select a specific host to monitor its particular progress. When the scan is complete, you can browse through the results on the Nessus client or you can export the results to a .nessus, .nbe, or HTML format.

More Network Security Articles:
• How Snort's Stealth TCP Port Scanning Works
• The Use of HoneyPots and HoneyNets to Trick Hackers
• What is Network AAA (Authentication, Authorization, and Accounting)?
• Top Ways to Prevent Data Loss
• Digital Signatures and Certificates
• Data Encryption
• What is Penetration Testing?
• Are You Meeting ISO 27000 Standards for Information Security Management?
• Wireless Network Security
• Methods to Combat Distributed Denial of Service (DDoS) Attacks

RSS Feed RSS Feed

Follow Stephen Bucaro Follow @Stephen Bucaro


Computer Networking Sections

Fire HD
[Site User Agreement] [Privacy Policy] [Site map] [Search This Site] [Contact Form]
Copyright©2001-2024 Bucaro TecHelp 13771 N Fountain Hills Blvd Suite 114-248 Fountain Hills, AZ 85268