
Utilizing Nessus for Effective Risk Management in Organizations
Learn how to leverage Nessus, a powerful vulnerability scanner, for risk management in organizations. Explore the fundamentals of Nessus, installation steps, and user interface insights to enhance network security and mitigate potential risks effectively.
Project Title: Using Nessus for risk management
Name: Justice Ntiako Antwi
Introduction
As mentioned in the project title, I will define risk management as the approach, or study, by which an organization takes steps to identify potential risks, analyzes those risks, and takes corrective action to mitigate them. Risk management can also be called a risk assessment approach. An organization faces many kinds of risk: financial risk, market risk, legal issues, and natural risk such as natural disasters. We can't ever completely remove all risk, but we can find ways to reduce or eliminate many risks. One way to reduce risk is to do vulnerability assessment or vulnerability scanning; in my project Nessus will be the main scanner. There are various vulnerability tools which most organizations have been using, but for this project I will be using Nessus to test networks for vulnerabilities.
Nessus Products Brief
Nessus is sold by Tenable Security. The tool is free for non-enterprise use; for enterprise use, there are options that are priced differently. The following options are available: Tenable.io, Nessus Agents, Nessus Manager and finally Nessus Professional, which will be installed on this computer and then used to scan the network by inputting the IP address.
Fundamentals of the Nessus Vulnerability Scanner
To appreciate the capabilities Nessus offers, we need to understand some fundamentals. We will first discuss the user interface and take a look at how to install Nessus on Linux and Windows operating systems.
Installation on Windows
You can obtain the Windows installer by downloading the one that matches your architecture and operating system. Once downloaded, double-click the installer and finish the installation by going through the wizard. You might be prompted to install WinPcap; if so, proceed with that installation as well.
Understanding the User Interface
After installation and during the first run, you will be required to activate your product based on the license type you intend to install. Therefore, from the browser I typed http: 172.0.0.8834; once the license is activated, it is time to get down to running the Nessus scanner. The Nessus user interface is primarily made up of two main pages: the scans page and the settings page. These pages allowed me to manage scan configurations and set up the scanner according to how I would like it to perform within the system. I accessed these pages from the tab panel shown below.
Scans Page
The scans page allowed me to create new scans and to manage them after scanning. At the bottom left, a section allowed me to configure policies that apply to the scans. When you create a new scan or policy, a scan template or policy template appears.
Settings Page
The settings page contains configuration information, allowing you to define settings for your LDAP, proxy and SMTP servers for additional functionality and integration within your network.
Vulnerability Scanning With Nessus
Nessus performs its scans by utilizing plugins, which run against each host on the network in order to identify vulnerabilities. Plugins can be thought of as individual pieces of code that Nessus uses to conduct individual scan types on targets. Plugins are numerous and wide in their capabilities. For instance, a plugin could be launched and targeted at a host to:
- Identify which operating systems and services are running on which ports
- Identify which software components are vulnerable to attacks (FTP, SSH, SMB and more)
- Identify whether compliance requirements are met on various hosts
The steps that are followed during scanning can be summarized in the image below.
Vulnerability Scanning With Nessus
Step 1: Nessus retrieves the scan settings. The settings define the ports to be scanned, the plugins to be enabled and the policy preference definitions.
Step 2: Nessus then performs host discovery to determine which hosts are up. The protocols used in host discovery are ICMP, TCP, UDP and ARP. You can specify these as you wish.
Step 3: Nessus then performs a port scan of each host that is discovered to be up. You can also define which ports you want scanned. Ports can be defined in ranges or individually, with valid ports ranging from 1 to 65535.
Step 4: Nessus then performs service detection to determine the services that are running behind each port on each discovered host.
Step 5: Nessus then performs operating system detection.
Step 6: Once all the steps are complete, Nessus runs each host against a database of known vulnerabilities in an attempt to discover which host contains which vulnerabilities.
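As an added example (not part of the presentation or of Nessus itself), the following Python helper validates and normalizes a port specification of the kind step 3 describes, where ports are listed individually or as ranges and must fall within 1 to 65535; merging overlapping or adjacent ranges into a canonical form is my own addition.

```python
import re

PORT_MIN, PORT_MAX = 1, 65535  # valid port bounds, as the scanning steps state


def parse_port_spec(spec):
    """Parse a port list such as "22,80,443,1024-2048" into a sorted list of
    (low, high) tuples with overlapping or adjacent ranges merged.
    Raises ValueError for a port outside 1-65535, a reversed range such as
    "2048-1024", or a token that is not a number or number-number."""
    ranges = []
    for token in spec.split(","):
        token = token.strip()
        if not token:
            continue  # tolerate a trailing comma or doubled separator
        m = re.fullmatch(r"(\d+)(?:-(\d+))?", token)
        if not m:
            raise ValueError(f"bad port token: {token!r}")
        low = int(m.group(1))
        high = int(m.group(2)) if m.group(2) else low
        if not (PORT_MIN <= low <= high <= PORT_MAX):
            raise ValueError(f"out of bounds or reversed range: {token!r}")
        ranges.append((low, high))
    ranges.sort()
    merged = []
    for low, high in ranges:
        # Extend the previous range when this one overlaps or touches it.
        if merged and low <= merged[-1][1] + 1:
            merged[-1] = (merged[-1][0], max(merged[-1][1], high))
        else:
            merged.append((low, high))
    return merged


def port_count(ranges):
    """Number of distinct ports a merged range list covers."""
    return sum(high - low + 1 for low, high in ranges)


def format_port_spec(ranges):
    """Render merged ranges back into the comma-separated spec form."""
    return ",".join(f"{lo}-{hi}" if lo != hi else str(lo) for lo, hi in ranges)


def is_valid_port_spec(spec):
    """True when the spec parses cleanly, False on any ValueError."""
    try:
        parse_port_spec(spec)
        return True
    except ValueError:
        return False
```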
Configuring a Nessus Scan
Nessus gives you the ability to configure your scan based on different scan and policy templates. These templates determine the settings that will be found within the scan policy settings. The following general settings can be accessed:
Basic: With this setting, you can specify security-related and organizational aspects of the scan or policy. These aspects include the name of the scan, the targets of the scan, whether or not it is scheduled and who has access to it.
Discovery: This is where you define the ports to be scanned and the methods to be used while conducting this discovery. There are some sections within this setting that you should take a look at.
Configuring a Nessus Scan
Assessment: This setting allows you to determine the type of vulnerability scan to perform and how it is performed. Nessus will check the susceptibility of web applications to attacks and of other systems to brute-force attacks as well. This setting has sections that allow you to customize general scans for Windows, SCADA, web applications, and even brute-force checks.
Report: This setting allows you to determine how scan reports are generated and the information that should be included within them.
Advanced: Here you define scan efficiency and the operations that the scan should perform. You will also be able to enable scan debugging here.
Conclusion
After running the Nessus scanner, it offers a means to analyze the results, which it generates automatically. The application lists each vulnerability found and suggests to the user how the problem could be fixed. For instance, I have a target that's running an outdated version of Adobe Flash. Finally, my approach with regard to these missed Adobe patches is to apply one Adobe Flash update, which will install all the missing updates. The Nessus Vulnerability Scanner is one of the most common vulnerability scanners in the cyber security industry today. The functionality that you get, especially with the commercial version, is a total guarantee of value for your money. While it is also important to confirm your vulnerability hits by running other vulnerability scanners against your targets to eliminate the possibility of false positives, Nessus's functions justify its popularity.
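As an added example, not from the presentation or from Tenable, the following Python reads a Nessus XML export (.nessus, the NessusClientData_v2 format) and lists each finding with the solution text Nessus suggests, so results can be triaged by severity per host; the sample report embedded here is constructed, with placeholder hosts and plugin IDs.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample in the .nessus (NessusClientData_v2) export format; hosts,
# plugin IDs and findings are illustrative placeholders, not real scan output.
SAMPLE_NESSUS = """<NessusClientData_v2><Report name="lab scan">
 <ReportHost name="192.0.2.10">
  <ReportItem port="445" protocol="tcp" severity="4" pluginID="900001"
              pluginName="Example: unsupported SMB server">
   <solution>Upgrade to a supported version.</solution>
  </ReportItem>
  <ReportItem port="0" protocol="tcp" severity="0" pluginID="900002"
              pluginName="Example: OS fingerprint"/>
 </ReportHost>
 <ReportHost name="192.0.2.11">
  <ReportItem port="80" protocol="tcp" severity="2" pluginID="900003"
              pluginName="Example: outdated web component">
   <solution>Apply the vendor patch.</solution>
  </ReportItem>
 </ReportHost>
</Report></NessusClientData_v2>"""

SEVERITY_NAMES = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}


def parse_findings(nessus_xml, min_severity=1):
    """Flatten ReportItem elements into dicts, most severe first. Severity 0
    (informational output such as OS detection) is skipped by default so the
    list holds only items that need a fix; the solution text is the
    remediation Nessus suggests for the finding."""
    root = ET.fromstring(nessus_xml)
    findings = []
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            sev = int(item.get("severity", "0"))
            if sev < min_severity:
                continue
            findings.append({
                "host": host.get("name"),
                "port": f"{item.get('port')}/{item.get('protocol')}",
                "sev": sev,
                "severity": SEVERITY_NAMES.get(sev, str(sev)),
                "plugin_id": item.get("pluginID"),
                "name": item.get("pluginName"),
                "solution": (item.findtext("solution") or "n/a").strip(),
            })
    return sorted(findings, key=lambda f: (-f["sev"], f["host"]))


def severity_summary(findings):
    """Count findings per (host, severity) to prioritise remediation."""
    return Counter((f["host"], f["severity"]) for f in findings)
```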