Nessus – finding network vulnerabilities
Nessus allows us to attack a wide range of vulnerabilities depending on our feed, and we will confine our list of assessing the vulnerabilities of our target to those specific to the type of information we seek to gain from the assessment. In this recipe, we will configure Nessus to find network vulnerabilities on our targets. These are vulnerabilities specific to the machines or protocols on our network.
Getting ready
To complete this recipe, you will need a virtual machine(s) to test against:
Windows XP
Windows 7
Metasploitable 2.0
A network firewall or router
Any other flavor of Linux
How to do it...
Let's begin the process of finding network vulnerabilities with Nessus by opening the Mozilla Firefox web browser:
Log in to Nessus at
https://127.0.0.1:8834.Go to Policies.
Click on Add Policy.
On the General tab, perform the following tasks:
Enter a name for your scan. We chose
Internal Network Scan, but you can choose any name you wish.Visibility has two options...
