CentOS 7.x Scanning machines using Nessus web portal

From Notes_Wiki
Revision as of 03:02, 26 January 2019 by Saurabh

Scan generic target without authentication

To scan a generic target (Windows / Linux / Device) without authentication use:

  1. Access the Nessus portal at https://FQDN:8834/ and log in as the root user
  2. Go to "My Scans" -> "New Scan"
  3. Select "Advanced Scan"
  4. Under Basic -> General
    1. Give an appropriate name and description (e.g. centos7-scan-target)
    2. Give the target IP(s) (e.g. 172.31.1.41)
  5. Under Discovery -> Host Discovery
    1. Enable UDP under ping methods
  6. Under Discovery -> Port scanning
    1. Enable TCP under "Network Port Scanners"
  7. Under Assessment -> General
    1. Enable "Perform thorough tests"
  8. Under Advanced
    1. Uncheck "Enable safe checks"
    2. Check "Enumerate launched plugins"
  9. Save the scan
  10. Run the scan


Scan Linux target with authentication

To scan a Linux target with authentication use:

  1. Create a scan similar to the non-authenticated scan described above
  2. Go to Scan -> Configure
  3. Go to the Credentials tab while configuring the scan
  4. Select SSH
  5. Set the authentication method to password
  6. Give the root username and password
  7. Save the scan
  8. Run the scan
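
The SSH password login as root in step 6 only succeeds if the target's sshd accepts it. A pre-check for that, as an added example that is not part of the original page; the function names and the sample config are constructed, and keyboard-interactive authentication is not considered:

```shell
# Added example (not from the wiki page): does this sshd_config accept the
# root + password SSH login that the credentialed Linux scan relies on?
# sshd uses the FIRST value found for a keyword; keywords are case-insensitive.
# Lines after a "Match" keyword are conditional and are not evaluated here.

# effective_sshd_value KEYWORD FILE -> first global value, or "default" if unset
effective_sshd_value() {
    awk -v want="$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')" '
        /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            if (!match(line, /[ \t=]+/)) next    # keyword without a value
            key = tolower(substr(line, 1, RSTART - 1))
            val = substr(line, RSTART + RLENGTH)
            sub(/[ \t]+$/, "", val)
            if (key == "match") exit             # conditional section begins
            if (key == want) { print val; found = 1; exit }
        }
        END { if (!found) print "default" }
    ' "$2"
}

# root_password_scan_ready FILE -> "ready" (0), "blocked: ..." (1), "unknown: ..." (2)
root_password_scan_ready() {
    for kw in PermitRootLogin PasswordAuthentication; do
        val=$(effective_sshd_value "$kw" "$1")
        case "$val" in
            yes) ;;
            # Unset: the built-in default differs between OpenSSH builds.
            default) echo "unknown: $kw not set, check the build default"; return 2 ;;
            *) echo "blocked: $kw $val"; return 1 ;;
        esac
    done
    echo "ready"
}

# Constructed sample config: the first PermitRootLogin line wins.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Port 22
permitrootlogin prohibit-password
PermitRootLogin yes
PasswordAuthentication yes
Match Address 172.31.1.0/24
    PermitRootLogin yes
EOF
root_password_scan_ready "$sample" || true   # blocked: PermitRootLogin prohibit-password
rm -f "$sample"
```

On a live target, `sshd -T` (run as root) prints every effective value, defaults included; saving that output to a file and passing it to `root_password_scan_ready` removes the `unknown` case.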


Scan Windows target with authentication

To scan a Windows target with authentication use:

  1. Create a scan similar to the non-authenticated scan described above
  2. Go to Scan -> Configure
  3. Go to the Credentials tab while configuring the scan
  4. Click on Windows
  5. Leave the authentication method as password
  6. Enter the administrator username and password. Optionally enter the domain name.
  7. Uncheck "Never send credentials in the clear"
  8. Uncheck "Do not use NTLMv1 authentication"
  9. Check "Start Remote Registry service during the scan"
  10. Check "Enable administrative shares during the scan"
  11. Save the scan
  12. Run the scan


Export scan reports

  1. Open scan page
  2. From the top right corner choose Export as either PDF or HTML
  3. Export either executive summary (brief) or custom (Detailed) report in desired format.


