Fun with Nessus

Hat tip to LifeHacker for posting about Nessus.

I figured I’d give it a go on my network, and see what could be found.  I’ve worked in a previous life with Security Remediation, and while not fun it’s a necessary evil now.  I do this for fun, and I know as my lovely fiancee tells me repeatedly, I am a giant nerd.

The download and installation was simple enough; I spent more time downloading and installing Windows Server 2016. I'm hoping to have a Foreman installation up and running soon that will automate my Windows installs. It's easy enough to template a Windows 2016 VM with vSphere, but I'd like to learn another skill with Foreman and Puppet.

Installation was straightforward:

1. Create an administration account.
2. Enter your key. Hint: remember to put the dashes in, as the GUI does not add them for you.
3. Download the Nessus definitions and initialize; note that this takes a while.

[screenshot]

It took a good twenty minutes between download and initialization.

Pretty simple: select New Scan and pick one. I chose Basic Scan, told it to hit my entire subnet, and away it went.

[screenshot]

The scanner works pretty quickly, and by clicking on the name you can see the results in real time. I do have a fair amount of vulnerabilities to look into, some of which I know about and some of which I didn't. It'd be a fun exercise to try to clean and secure my environment.

[screenshot]

Some are also useless. For example, the warning below popped up. All the devices are routers or other networking gear, so you would expect that to be the case. I guess it's good to have if the device turns out to be a server. It's also nice to see that Nessus tells you how to fix the vulnerability.

[screenshot]

Sometimes Nessus does its best but fails pretty miserably. I'll give it credit that the device below is indeed a printer.

[screenshot]

Total scan time for about 30 devices, a mix of Linux, Solaris, and Windows hosts plus assorted network devices, was about 30 minutes.
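Once a scan like this finishes, Nessus can export the results as a .nessus XML file. The script below is an added example (not from this post or from Tenable) that parses a small export, counts findings by severity, and flags the ones sitting on hosts Nessus identified as network gear, so the server-only warnings mentioned above can be reviewed last. The sample XML, plugin IDs and plugin names are constructed placeholders.

```python
"""Triage a Nessus .nessus (v2 XML) export: count findings by severity and flag
those on network gear, where a server-oriented check is often noise.  Added
example; the XML, plugin IDs and names below are constructed placeholders."""
import xml.etree.ElementTree as ET
from collections import Counter

SEVERITY = {"0": "Info", "1": "Low", "2": "Medium", "3": "High", "4": "Critical"}
NETWORK_GEAR = ("router", "switch", "firewall", "printer")

SAMPLE_NESSUS = """<NessusClientData_v2><Report name="Basic Scan">
<ReportHost name="192.0.2.1"><HostProperties>
<tag name="operating-system">Vendor Router OS</tag></HostProperties>
<ReportItem port="0" protocol="tcp" severity="2" pluginID="900001"
 pluginName="Server-only check (constructed)" pluginFamily="General">
<solution>Apply the vendor patch.</solution></ReportItem></ReportHost>
<ReportHost name="192.0.2.10"><HostProperties>
<tag name="operating-system">Microsoft Windows Server 2016</tag></HostProperties>
<ReportItem port="445" protocol="tcp" severity="4" pluginID="900002"
 pluginName="SMB service missing patch (constructed)" pluginFamily="Windows">
<solution>Install the missing update.</solution></ReportItem>
<ReportItem port="3389" protocol="tcp" severity="0" pluginID="900003"
 pluginName="RDP service detected (constructed)" pluginFamily="Service detection"/>
</ReportHost></Report></NessusClientData_v2>"""

def parse_nessus(xml_text):
    """Yield one dict per ReportItem: host, Nessus's OS guess, severity, fix."""
    root = ET.fromstring(xml_text)
    for host in root.iter("ReportHost"):
        props = {t.get("name"): t.text or "" for t in host.findall("HostProperties/tag")}
        os_guess = props.get("operating-system", "unknown")
        for item in host.iter("ReportItem"):
            sol = item.find("solution")
            yield {
                "host": host.get("name"),
                "os": os_guess,
                "severity": SEVERITY.get(item.get("severity"), "Unknown"),
                "plugin": item.get("pluginName"),
                "solution": sol.text if sol is not None else "",
                # The OS guess can be wrong (the post's printer), so this is a
                # hint for the reviewer, not an automatic dismissal.
                "likely_network_gear": any(k in os_guess.lower() for k in NETWORK_GEAR),
            }

def triage(xml_text):
    """Severity counts plus what to look at first: Medium+ on non-network hosts."""
    findings = list(parse_nessus(xml_text))
    counts = Counter(f["severity"] for f in findings)
    todo = [f for f in findings if f["severity"] in ("Medium", "High", "Critical")
            and not f["likely_network_gear"]]
    return counts, todo
```

Point it at a real export with `triage(open("scan.nessus").read())`; the flagged network-gear findings still deserve a look, just after the prioritised list.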
