Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Demo of security tool nessus - Network vulnerablity scanner


Published on

Demo of Security Tool - Nessus - Network Vulnerability Scanner.


Published in: Technology
  • Login to see the comments

Demo of security tool nessus - Network vulnerablity scanner

  1. 1. NESSUS Nessus- Network Vulnerablity Scanner 1
  2. 2. Index Topic Reference Slide Introduction to Nessus 3 History 4 Architecture 5 Operation 6 NASL 9 Features 10 Nessus UI 13 References 14 Nessus- Network Vulnerablity Scanner 2 Offshore software development company India
  3. 3. Nessus: A security vulnerability scanning tool • Remote security scanning tool • Raises an alert if it discovers any vulnerabilities that malicious hackers could exploit • Runs over 1200 checks to test if any of the attacks could be used to break in • Used by network administrators Nessus- Network Vulnerablity Scanner 3 Offshore software development company India
  4. 4. History • Started by Renaud Deraison in 1998 • The motive was to provide to the Internet community a free remote security scanner • On October 5, 2005, Tenable Network Security changed Nessus 3 to a proprietary (closed source) license • In July 2008, Tenable Network Security sent out a revision of the feed license that allowed home users full access to plugin feeds Nessus- Network Vulnerablity Scanner 4 Offshore software development company India
  5. 5. The Nessus Architecture • Nessus is based upon a client-server model • The Nessus server: nessusd • Responsible for performing the actual vulnerability tests • Listening to incoming connections from Nessus clients that end users use to configure and launch specific scans • Nessus clients must authenticate to the server before they are allowed to launch scans • This architecture makes it easier to administer the Nessus installations Nessus- Network Vulnerablity Scanner 5 Offshore software development company India
  6. 6. Operation • Nessus allows scans for : • Vulnerabilities that allow a remote hacker to control or access sensitive data • Misconfiguration : open mail relay, missing patches • Denial of service against the TCP/IP stack by using mangled packets • Preparation for PCI DSS audits Nessus- Network Vulnerablity Scanner 6 Offshore software development company India
  7. 7. Operation • Steps Involved : • Nessus starts with a port scan, with one of its internal port scanners • To determine which ports are open on the target • Trying various exploits on the open ports • Vulnerability tests • Written in NASL (Nessus Attack Scripting Language) • Results of the scan can be reported in various formats, such as plain text, XML, HTML and LaTeX • The results can also be saved in a knowledge base for debugging Nessus- Network Vulnerablity Scanner 7 Offshore software development company India
  8. 8. Nessus- Network Vulnerablity Scanner 8 Offshore software development company India
  9. 9. NASL : Nessus Attack Scripting Language • Scripting Language used by Nessus to form Attacks to detect vulnerability • Guarantees : • Will not send packets to any other hosts than target • Will execute commands on only local systems • Optimized built-in functions to perform Network related tasks like : • Socket operations • Open connection if port is open • Forge IP/TCP/ICMP packets Nessus- Network Vulnerablity Scanner 9 Offshore software development company India
  10. 10. Features • Provides remote and local (authenticated) security checks • A client/server architecture with a web-based interface • Server: Performs Attacks • Client: Front-end • Both can be located at different machines • Security Tests are, as external Plugins, easy to add / modify / test without reading source code of Nessus Nessus- Network Vulnerablity Scanner 10 Offshore software development company India
  11. 11. Features • Audits anti-virus configurations • Performs sensitive data searches to look for credit card, social security number and many other types of corporate data • Nessus can call Hydra (an external tool) to launch a dictionary attack • Tenable Network Security produces several dozen new vulnerability checks (called plugins) each week, usually on a daily basis • These checks are available for free to the general public • Commercial customers are not allowed to use this home feed any more Nessus- Network Vulnerablity Scanner 11 Offshore software development company India
  12. 12. Features • The Professional feed (which is not free) also gives access to support and add additional scripts (audit and compliance tests) • Can Test unlimited amount of hosts in each scan • Depending on the power of Server, scan can be performed on any range of hosts • Smart Service Recognition • Doesn't believe on fixed port for a particular service • Checks all ports for specific vulnerability Nessus- Network Vulnerablity Scanner 12 Offshore software development company India
  13. 13. Nessus UI • The Nessus User Interface (UI) is a web-based interface to the Nessus scanner • Nessus Scanner is comprised of a simple HTTP server and web client, and requires no software installation apart from the Nessus server • The UI displays scan results in real-time • User does not have to wait for a scan to complete to view results Nessus- Network Vulnerablity Scanner 13 Offshore software development company India
  14. 14. References 1. 2. 3. 4. Network Security Assessment: Know Your Network By Chris McNab (chapter 15) 5. 6. Symbiosis students. • Aswathi Jayaram • Priti Patil • Shivendra Rawat • Sudeeksha Verma Nessus- Network Vulnerablity Scanner 14 Offshore software development company India