Module 4: Running a Basic Nessus Network Scan

Step 1: Obtain the Virtual Machine's IP Address

  1. Access the Virtual Machine:

    • Go to your VMware Workstation Player and open the Windows 11 virtual machine.

  2. Retrieve the IP Address:

    • On the virtual machine, click Start and open the Command Prompt by typing cmd.

    • In the Command Prompt, type ipconfig and press Enter. This will display network details, including the IPv4 address (e.g., 10.0.0.189).

    • Note down this IP address as it will be needed for the Nessus scan.

Step 2: Verify Network Connectivity

  1. Ping the Virtual Machine from Your Host:

    • On your host computer, open the Command Prompt.

    • Type ping [VM_IP_Address] -t, replacing [VM_IP_Address] with the IP address you retrieved from the virtual machine (e.g., ping 10.0.0.189 -t).

    • The -t option allows continuous pinging to check for connectivity.

    • If you see a "Request timed out" message, continue with the next steps to disable the firewall on the virtual machine.

Step 3: Disable the Windows Firewall on the Virtual Machine

  1. Open Firewall Settings:

    • On the virtual machine, press Win + R to open the Run dialog, type WF.msc, and press Enter to open the Windows Firewall settings.

  2. Turn Off Firewall Profiles:

    • In the Windows Firewall settings, go to Windows Defender Firewall Properties.

    • For each of the three profiles (Domain, Private, and Public), select Off to disable the firewall. This is done to ensure uninterrupted communication for testing purposes (Note: Disabling the firewall is not recommended in production environments).

  3. Verify Connectivity:

    • Return to your host computer’s Command Prompt and check the ping results. You should now see successful replies from the VM’s IP address.

    • Press Ctrl + C to stop the ping test once connectivity is confirmed.

Step 4: Create a Basic Network Scan in Nessus Essentials

  1. Access Nessus Essentials:

  2. Create a New Scan:

    • In Nessus, go to Scans and click New Scan.

    • Choose Basic Network Scan as the type.

  3. Configure Scan Details:

    • Name: Enter a descriptive name, such as "Windows 11 VM Basic Scan."

    • Targets: Paste the IP address of your virtual machine (e.g., 10.0.0.189).

    • You can leave other settings at their defaults for a simple scan, but note that Nessus offers options for scheduling scans, scanning all ports, and setting custom configurations.

  4. Save the Scan:

    • Click Save to create the scan. This saves the configuration and prepares it for execution.

Step 5: Run the Basic Scan

  1. Launch the Scan:

    • Click on the newly created scan in Nessus, and select Launch to start the scan.

  2. Monitor Scan Progress:

    • You can click on the scan to view progress in real-time. Nessus will log its findings as it scans the target.

  3. Wait for the Scan to Complete:

    • The scan may take a few minutes, depending on the target configuration and network conditions. Once complete, a checkmark will appear next to the scan, indicating it has finished.

Step 6: Review Scan Results

  1. View Scan Results:

    • Click on the completed scan to open the results. Nessus categorizes findings by severity: informational (blue), low (green), medium (yellow), high (orange), and critical (red).

  2. Analyze Vulnerabilities:

    • Click Vulnerabilities to review the detailed results. For example:

      • SMB Signing Not Required: This indicates a potential vulnerability if your organization requires secure SMB communication.

      • Trace Route Information: Listed as informational, meaning it is not necessarily a vulnerability but something to be aware of.

      • SMB Detected on Port 445: Shows that SMB service is available on port 445, although no credentials were provided.

  3. Understanding Credentialed Scans:

    • In the Credentials tab, you can enter login credentials (such as the username and password created for the VM) to perform a deeper scan. This allows Nessus to analyze the registry, file system, and other areas within the VM to detect vulnerabilities in outdated software or insecure services.

    • For this basic scan, credentials were not used, so the scan results focus on external vulnerabilities and services.

  4. Optional: Plan a Deeper Scan:

    • To further explore vulnerabilities, consider setting up a credentialed scan using the VM’s login credentials. This will reveal additional information, especially if the VM has deprecated software or other internal security issues.

Learn

Master vulnerability management through our comprehensive course.

info@vulnmanagementacademy.com

© 2024. All rights reserved.