Module 6: Running a Credentialed Nessus Scan

Part 1: Configure a Credentialed Scan in Nessus Essentials

  1. Gather VM Credentials:

    • Ensure you remember the username and password for the VM’s admin account, as they will be used for the credentialed scan.

    • If you need to verify the username, open Command Prompt on the VM, type whoami, and note the output (it is shown as COMPUTERNAME\username; the part after the backslash is the username Nessus needs).

  2. Access Nessus Essentials and Edit Scan Settings:

    • Open Nessus Essentials on your host computer (https://localhost:8834) and go to Scans.

    • Locate the scan you previously set up for the VM, check the box next to it, click More, and select Configure.

  3. Add Windows Credentials to the Scan:

    • Go to the Credentials tab within the scan configuration.

    • Select Windows and enter the VM’s admin credentials:

      • Username: Enter the admin username (e.g., admin).

      • Password: Enter the admin password.

    • Leave the other options at their defaults for now. Click Save to save these settings.

  4. Launch the Credentialed Scan:

    • Go back to the Scans page, select your configured scan, and click Launch to start the scan.

Part 2: Review and Compare Scan Results

  1. Monitor the Scan Progress:

    • You can click on the scan in Nessus to see real-time progress. Nessus will record each finding as it completes scanning different areas.

  2. Check Completed Results:

    • Once the scan finishes, click on it to view detailed results. You should see more findings compared to the initial scan without credentials.

  3. Compare with Non-Credentialed Scan Results:

    • To compare, go to History within the scan results and select the previous (non-credentialed) scan. The non-credentialed scan will typically show fewer findings overall, including fewer critical and high vulnerabilities, because it can only test what is exposed over the network.

    • With credentials, Nessus can now inspect the registry, file system, and other internal aspects of the VM, revealing more vulnerabilities.

  4. Analyze Findings and Remediation Suggestions:

    • In the Vulnerabilities tab, review the critical, high, and medium vulnerabilities.

    • Click on individual vulnerabilities for detailed descriptions and recommended remediations. For instance:

      • Edge Browser Issues: Many findings may relate to outdated or insecure configurations in Microsoft Edge.

      • File System and Registry Vulnerabilities: These are only visible in a credentialed scan and provide deeper insights into the VM’s security posture.

  5. View High-Level Remediation Recommendations:

    • Go to the Remediations tab for an overview of fixes. This tab typically suggests high-level actions like applying Windows updates and specific patches to address multiple vulnerabilities at once.

    • Review the VPR Top Threats tab, which highlights prioritized vulnerabilities based on severity and other risk factors.

  6. Next Steps for Continuous Improvement:

    • For production or organizational environments, consider setting up automated patch management to address these types of vulnerabilities regularly.

    • If necessary, schedule recurring credentialed scans in Nessus to maintain a secure environment and catch newly introduced vulnerabilities.
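The comparison in Part 2 step 3 can also be done outside the Nessus UI by exporting both scans as .nessus files (Nessus v2 XML) and diffing them. The script below is an added example for this module, not code from the lab or from Tenable; the two exports embedded in it are constructed for illustration, and the plugin IDs and plugin names are placeholders, not real Nessus plugins. It parses the ReportItem elements of each export, tallies findings per severity and lists the findings that only appear once credentials were supplied, which is exactly the gap between the two scans this module asks you to look for.

```python
"""Compare a non-credentialed and a credentialed Nessus export (.nessus v2 XML).

Added example for the lab; not part of the module text or of Nessus itself.
The two exports below are constructed; plugin IDs 9000xx and the plugin
names are placeholders. Requires only the Python standard library.
"""
import xml.etree.ElementTree as ET
from collections import Counter

# Nessus "severity" attribute values: 0 = Info, 1 = Low, 2 = Medium,
# 3 = High, 4 = Critical.
SEVERITY = {"0": "Info", "1": "Low", "2": "Medium", "3": "High", "4": "Critical"}

# Constructed sample: the earlier scan without credentials. Only checks that
# can be performed over the network produce findings.
UNCREDENTIALED = """<?xml version="1.0" ?>
<NessusClientData_v2>
 <Report name="VM scan">
  <ReportHost name="192.168.56.10">
   <ReportItem port="445" svc_name="cifs" protocol="tcp" severity="0"
               pluginID="900001" pluginName="SMB Service Detection (placeholder)"/>
   <ReportItem port="445" svc_name="cifs" protocol="tcp" severity="2"
               pluginID="900002" pluginName="SMB Signing Not Required (placeholder)"/>
  </ReportHost>
 </Report>
</NessusClientData_v2>
"""

# Constructed sample: the same host scanned with the VM's admin credentials.
# Local checks (registry, file system, installed software) add findings that
# the network-only scan could not see.
CREDENTIALED = """<?xml version="1.0" ?>
<NessusClientData_v2>
 <Report name="VM scan">
  <ReportHost name="192.168.56.10">
   <ReportItem port="445" svc_name="cifs" protocol="tcp" severity="0"
               pluginID="900001" pluginName="SMB Service Detection (placeholder)"/>
   <ReportItem port="445" svc_name="cifs" protocol="tcp" severity="2"
               pluginID="900002" pluginName="SMB Signing Not Required (placeholder)"/>
   <ReportItem port="0" svc_name="general" protocol="tcp" severity="4"
               pluginID="900003" pluginName="Microsoft Edge Outdated (placeholder)"/>
   <ReportItem port="0" svc_name="general" protocol="tcp" severity="3"
               pluginID="900004" pluginName="Missing Windows Security Update (placeholder)"/>
   <ReportItem port="0" svc_name="general" protocol="tcp" severity="2"
               pluginID="900005" pluginName="Weak Registry Key Permissions (placeholder)"/>
  </ReportHost>
 </Report>
</NessusClientData_v2>
"""


def parse_findings(nessus_xml):
    """Return {(host, pluginID): (severity_label, pluginName)} for one export.

    Keying on host + plugin ID makes two exports of the same target comparable
    regardless of the order in which Nessus wrote the ReportItem elements.
    """
    root = ET.fromstring(nessus_xml)
    findings = {}
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            key = (host.get("name"), item.get("pluginID"))
            findings[key] = (SEVERITY[item.get("severity")], item.get("pluginName"))
    return findings


def severity_counts(findings):
    """Tally findings per severity label, e.g. Counter({'Medium': 2, ...})."""
    return Counter(sev for sev, _ in findings.values())


def compare_scans(before_xml, after_xml):
    """Summarise what the credentialed scan (after) added over the
    non-credentialed scan (before): per-severity counts for both runs and
    the findings present only in the credentialed run."""
    before = parse_findings(before_xml)
    after = parse_findings(after_xml)
    added = {key: val for key, val in after.items() if key not in before}
    return {
        "before": dict(severity_counts(before)),
        "after": dict(severity_counts(after)),
        "added": added,
    }


if __name__ == "__main__":
    result = compare_scans(UNCREDENTIALED, CREDENTIALED)
    print("Non-credentialed:", result["before"])
    print("Credentialed:    ", result["after"])
    print("Only visible with credentials:")
    for (host, plugin_id), (sev, name) in result["added"].items():
        print(f"  {host}  [{sev}]  {plugin_id}  {name}")
```

To use it on real scans, export each scan from the Nessus UI (Export, Nessus format), read the two files and pass their contents to compare_scans. The "added" entries are the findings that only a credentialed scan can produce, which is the evidence this module asks you to gather when comparing the two runs.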