Vulnerability Scanning

Nessus

Notes and commands for Nessus.

2024-03-26

Tags scanningvuln-scannessus

Back to Pentest Notes Search Notes

Download Nessus

https://www.tenable.com/downloads/nessus?loginAttempted=true

Register and Request Free Lincense

https://www.tenable.com/products/nessus/activation-code
Nessus Essentials.

Installing Pages (Linux)

dpkg -i Nessus-8.15.1-ubuntu910_amd64.deb

Starting Nessus

sudo systemctl start nessusd.service

Accessing Nessus

https://localhost:8834

Scan Policies

Are custom scans that can be preconfigured and saved / reapplied.

Plugin Rules

Very good to exclude some ID’s that are just SSL-self certificates and basically false positives.

Scanning with Credentials

Select Categorie and then accordingly, Username/PW or hashes or Whatever

Script to download scan Results in all different Formats

https://raw.githubusercontent.com/eelsivart/nessus-report-downloader/master/nessus6-report-downloader.rb
-./nessus_downloader.rb

Common Issues & Fixes

all ports open / closed disable Ping the remote host in Advcanced Settings (stop scan from using ICMP)
sensitive Networks: adjust Performance Options -> max concurrent Checks per host
avooid scanning legacy systems (option to not scan pritners f.e.) in the rules.
ALWAYS “safe checks” to not run DoS plugins. and inform that you are doing a check.

Checking for Impact of Nessus

install vnstat:
sudo apt install vnstat
Check before running nessus scan:
sudo vnstat -l -i eth0
Check after running nessus scan:
sudo vnstat -l -i eth0
now we can compare number of bytes and packets transferred during a vuln scan.