Performing a database audit
In the previous recipes, we have seen a great deal about the need for a configuration audit and its contribution toward more secure networks. In this recipe, we will be looking at using the compliance scan feature of Nessus to perform a configuration audit of a MariaDB database.
Getting ready
The Getting ready section for this recipe is same as the Getting ready section of the Selecting a compliance scan policy section. Further, instead of using the Metasploitable virtual machine as the test setup, we are going to use the Kali Linux operating system. You can download the Kali Linux ISO from https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-image-download/. Download and unzip the package to find a .vmx
file, as in the Getting ready section of Selecting a compliance scan policy section.
Use the following syntax to start the MySQL service and set a password for the default user root so that we can remotely log in to the service using the same credentials...