
Nessus Vulnerability Scanner
Week 10 Assignment
This document explains the use of the free version of the
Nessus vulnerability scanning tool. It also outlines the findings
of the scan that was performed on the network belonging to
my parents.
Gunner Howell
3/27/2016

Table of Contents
Section 1: Nessus
  Install
  Set up
  Scan launch
Section 2: Home Network
  Network
Section 3: Scan Results
  Vulnerabilities Found
  Solutions
  Network Evaluation

Section 1: Nessus
This section explains the steps that were taken to operate Nessus. It details the installation, scan
set up, and scan launch.

Install
The installation process is simple. The Nessus web site offers several versions of its vulnerability
scanner. The free home version was used for this assignment. Select the distribution that fits the
operating system being run and click to begin the download. After it is downloaded, the user
will need to set up a username and password and then register the program. Once it is registered, an
activation code will be sent to an email address provided by the user. From there it will launch a web
interface for the Nessus program.

Set up
To set up a scan, select New Scan in the top right corner and start by filling in a scan name,
description, save location, and target. If a target file is already saved, it can be uploaded. Figure 1
shows the opening page for setting up the scan.
Figure 1: Scan Set Up

Using the tabs on the right side of the screen, the user can configure the scan further. One can
schedule the scan to run at specific times, set the range of ports, and choose the final report format. The
advanced settings allow the user to make specific adjustments to the scans, such as the number of
hosts scanned and network timeouts. They also allow a debug option to be enabled. The default
settings were used for most of the network scan; however, the report was set to generate in as much
detail as possible.

Scan launch
Once all the settings are adjusted to meet the requirements of the user, save the scan; it can then be
launched by selecting it under My Scans. Once it is launched, it can take a few minutes to a
few hours depending on the size and complexity of the network. After the scan is completed, it
will generate a report that can be exported as a PDF or other format. The results of the scan are
explained in Section 3 of this report.

Section 2: Home Network


This section outlines the network that was scanned by Nessus. The network was a private
network that is owned by an elderly couple. Permission was granted before the scan was
initiated.

Network
The network had only five devices on it that were active at the time of the scan. Each device was
scanned by Nessus for possible vulnerabilities. The following are the addresses of the devices.
192.168.1.1 (Router)

192.168.1.2 (Desktop)

192.168.1.3 (Laptop)

192.168.1.4 (Printer)

192.168.1.5 (Laptop)

Section 3: Scan Results


This section explains the final results of the vulnerability scan done by Nessus. It outlines the
vulnerabilities that were found, the solutions for those vulnerabilities, and the final network evaluation.

Vulnerabilities Found
Very few vulnerabilities were found on the network. Figure 2 shows a graph based on the
severity of vulnerabilities found.

Figure 2: Vulnerabilities

As Figure 2 shows, most of the scan results were informational, with a few low and medium
level vulnerabilities. There was one high risk vulnerability found on the first device. Figure 3
shows the breakdown of the scan results for that device. The high risk vulnerability was a
remote access protocol that was left active on the router. The medium level vulnerabilities were
certificate errors that can occur when using the free version of Nessus.

Figure 3: 192.168.1.1
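
As an added example (not part of the original assignment and not Tenable's code), the per-host severity breakdown shown in Figures 2 and 3 can be reproduced from a scan exported in the .nessus XML format. The sample export is constructed: the host addresses come from Section 2, while the plugin names, IDs and ports are placeholders.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Severity codes carried in the "severity" attribute of each ReportItem.
SEVERITY = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

# Constructed sample export; findings are placeholders, not real scan output.
SAMPLE = """<NessusClientData_v2>
  <Report name="Home network (constructed sample)">
    <ReportHost name="192.168.1.1">
      <ReportItem port="0" protocol="tcp" severity="0" pluginID="1" pluginName="Placeholder informational finding"/>
      <ReportItem port="443" protocol="tcp" severity="2" pluginID="2" pluginName="Placeholder certificate finding"/>
      <ReportItem port="443" protocol="tcp" severity="2" pluginID="3" pluginName="Placeholder certificate finding B"/>
      <ReportItem port="0" protocol="tcp" severity="3" pluginID="4" pluginName="Placeholder remote access finding"/>
    </ReportHost>
    <ReportHost name="192.168.1.4">
      <ReportItem port="0" protocol="tcp" severity="0" pluginID="1" pluginName="Placeholder informational finding"/>
      <ReportItem port="0" protocol="udp" severity="1" pluginID="5" pluginName="Placeholder low finding"/>
    </ReportHost>
  </Report>
</NessusClientData_v2>"""

def summarize(xml_text):
    """Return {host: Counter of severity labels} for every ReportHost."""
    summary = {}
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        counts = Counter()
        for item in host.iter("ReportItem"):
            counts[SEVERITY.get(int(item.get("severity", 0)), "Unknown")] += 1
        summary[host.get("name")] = counts
    return summary

def actionable(xml_text, min_severity=2):
    """List (host, port/protocol, severity, plugin) at or above min_severity, worst first."""
    rows = []
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            sev = int(item.get("severity", 0))
            if sev >= min_severity:
                where = f'{item.get("port")}/{item.get("protocol")}'
                rows.append((sev, host.get("name"), where, item.get("pluginName")))
    rows.sort(key=lambda r: (-r[0], r[1]))  # stable sort keeps file order within ties
    return [(h, p, SEVERITY.get(s, "Unknown"), n) for s, h, p, n in rows]

if __name__ == "__main__":
    print(summarize(SAMPLE))
    print(actionable(SAMPLE))
```

Only parse exports produced by your own scanner this way; for XML from an untrusted source, use a hardened parser.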

Solutions
The solution that Nessus recommended for the high risk vulnerability was to restrict access to
the device and disable the protocol. The certificate errors can be generated by the free version of
Nessus.

Network Evaluation
The final evaluation of the network is acceptable. Only one high risk vulnerability was found and
the medium level vulnerabilities were really false alarms.
