Project 18: Nessus (15 pts + 15 pts extra)

What you need

Purpose

To practice using the Nessus vulnerability scanner.

Obtain a Nessus Activation Code

https://www.tenable.com/products/nessus/activation-code

Fill out the form with your name and email address and click the Register button.

On the next page, click the Download button.

Click the appropriate download link, as shown below.

Agree to the agreement.

Installing Nessus on Windows

On your Windows machine, double-click the installer. Install the software with the default options.

A Web page opens, as shown below.

Click the "Connect via SSL" button.

On the next page, approve the SSL exception. If you are using Internet Explorer, that's done by clicking "Continue to this website (not recommended)".

On the next page, enter a username and password you can remember, as shown below. I used nessus and Nessus!, which are obviously not very secure choices, appropriate only for testing purposes.

Click Continue.

The next page asks for your Activation Code, as shown below. Check your email to get it.

Enter it and click Continue.

Wait while software downloads and installs, as shown below.

Finding Your IP Address

From your Windows desktop, click CMD. Click "Command Prompt". In the Command Prompt window, execute this command: 
IPCONFIG
Find your IP address, as shown below.

Scanning your Server

When Nessus is ready, the "My Scans" page appears, as shown below.

At the top right, click the "New Scan" button.

In the "Scan Templates" page, click "Basic Network Scan", as shown below.

Enter a Name of "basic" and a Target of your IP address, as shown below.

At the lower left, click the Save button.

In the "My Scans" page, on the "basic" line, on the right side, click the right-arrow to launch your scan, as shown below.

When the scan finishes, a gray check mark will appear in its line, as shown below.

Click "On Demand".

The results appear, as shown below.

They are color-coded.

Click the Vulnerabilities tab to see details, as shown below.

Click "SMB Signing not required".

On the next page, find the Plugin #, which is covered by a gray box in the image below.

18.1: Recording Your Success (15 pts)

Use the form below to record your score in Canvas.

If you don't have a Canvas account, see the instructions here.

Name or Email:
Plugin #:

18.2 Scan All Ports (5 pts extra)

Scan the "scanme.nmap.org" server (IP 45.33.32.156) with these steps:

In the results, click the Vulnerabilities tab. Click "Nessus SYN scanner", as shown below.

Four ports are open. Find the port number of the highest open port and enter it into the form below.

18.2: Recording Your Success (5 pts extra)

Use the form below to record your score in Canvas.

If you don't have a Canvas account, see the instructions here.

Name or Email:
Port number:

18.3 Windows Server 2008 (10 pts extra)

If you've been taking my classes, you should have an old, unpatched Windows 2008 server virtual machine. If not, you can download one from this page, in the "Local Hosting" box:

https://samsclass.info/126/PMA.shtml

Scan that machine with these steps:

The process is shown in this video.

The scan should find three critical vulnerabilities, as shown below.

Click the first one. This is one of the Equation Group vulnerabilities, leaked from the NSA. Find the US military code name for this exploit, which is covered by a gray box in the image below.

18.3: Recording Your Success (10 pts extra)

Use the form below to record your score in Canvas.

If you don't have a Canvas account, see the instructions here.

Name or Email:
Exploit name:

Sources

How to Hack Windows | Nessus Vulnerability Scan | Part 1

Posted 9-6-18
Added installation of dirmngr 10-10-18
Removed reference to Debian 11-6-18