Nessus Users Guide
The Nessus™ vulnerability scanner is a Unix-based client-server
vulnerability scanner freely distributed at www.nessus.org.
Nessus features high-speed discovery, configuration auditing, asset
profiling, sensitive data discovery and vulnerability analysis of your security
posture. Nessus scanners can be distributed throughout an entire enterprise,
inside DMZs, and across physically separate networks.
The Nessus application performs all the actual scans. Nessus contains a
vulnerability signature database known as "plugins". It scans a target computer
for open ports, checks it for known vulnerabilities against its plugins and
reports any issues found. The plugins are kept up to date with an automated
update process on Nessus. The Nessus client interacts with the Nessus
application on the server via a graphical interface in order to direct scans
and report vulnerabilities. Although the Nessus server runs on UNIX, a Windows
client is available for download. A single installation of the Nessus client
can direct the server to scan numerous target computers.
In the UCF environment, the Nessus application is maintained by the
Information Security Office and Network Operations, so there is no need to
install individual Nessus servers. Departments need to install only a Nessus
client in order to use the Nessus application on the server.
This document details the procedure for using Nessus at UCF.
Step 1: Requesting a Nessus Account
The first step is to request a Nessus account from the Information Security
Office. Users of the UCF Nessus system must be department IT administrators.
To obtain a login:
- Contact the UCF Service Desk, 407-823-5117 or Servicedesk@mail.ucf.edu
- Request a ticket to be created for the Information Security Office (ISO) for a Nessus account.
- The work request ticket will be assigned to ISO for processing.
The account created will be restricted to scanning only the IP addresses
assigned to that individual.
Step 2: Download and install the Nessus client
The Nessus clients are available from http://www.nessus.org/download/;
choose the Nessus client for your platform from the dropdown list and
install it.
For more information on Nessus installation, please go to:
http://www.nessus.org/documentation/nessus_3.0_installation_guide.pdf
For more information on Nessus Client Usage, please go to: http://www.nessus.org/documentation/nessus_3.0_client_guide.pdf
Step 3: Using Nessus
In order to run Nessus scans, the client must contact the
Nessus server and authenticate. You will need a unique login name and password
that will be provided by the Information Security Office upon request. If you do not have
a login, please see Requesting a Nessus Account.
The server name is nessus.cc.ucf.edu.
Enter the Login name and password provided by the Network Security Team, and
connect to the server.
You are permitted to scan only the specific hosts managed by your department.
Scans of production hosts should be performed only during maintenance windows
or non-peak times, as a scan could potentially render the host temporarily
inoperable by triggering an operating system vulnerability.
A listing of all the available plugins is organized by type. The Non-DOS
selection runs all plugins except those that might cause a Denial of Service
(DOS) attack on the target. It is recommended that Non-DOS be enabled.
For more information on Nessus usage, please go to: http://www.nessus.org/documentation/nessus_3.0_advanced_user_guide.pdf
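Because an account is restricted to the IP addresses assigned to it, it helps to check a target list against that assignment before a scan is launched. The script below is an added example, not part of the UCF guide or of Nessus itself; the ranges are constructed placeholders, and run_scan assumes the classic Nessus command-line client's batch mode (nessus -q) instead of the graphical client described above.

```shell
#!/bin/sh
# Added example: keep a scan inside the addresses the ISO assigned to the account.
ALLOWED_RANGES="10.0.5.0/24 10.0.6.128/25"   # constructed placeholders, not real UCF ranges
NESSUS_SERVER="nessus.cc.ucf.edu"            # server named in the guide
NESSUS_PORT=1241                             # assumption: default Nessus daemon port

# ip_to_int A.B.C.D -> unsigned 32-bit integer; fails on malformed input
ip_to_int() {
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# in_scope IP -> success only if IP lies inside one of ALLOWED_RANGES
in_scope() {
    ip=$(ip_to_int "$1") || return 1
    for range in $ALLOWED_RANGES; do
        net=$(ip_to_int "${range%/*}") || continue
        bits=${range#*/}
        mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
        [ $(( ip & mask )) -eq $(( net & mask )) ] && return 0
    done
    return 1
}

# filter_targets: one host per line on stdin; print in-scope hosts, report the
# rest on stderr so an out-of-scope scan never starts silently
filter_targets() {
    while IFS= read -r host; do
        [ -z "$host" ] && continue
        if in_scope "$host"; then echo "$host"; else echo "out of scope: $host" >&2; fi
    done
}

# run_scan TARGETS_FILE RESULTS_FILE: filter first, then call the batch-mode client
# (assumed syntax of the classic client: nessus -q host port user pass targets results)
run_scan() {
    filter_targets < "$1" > "$1.checked"
    [ -s "$1.checked" ] || { echo "no in-scope targets" >&2; return 1; }
    nessus -q -T nbe "$NESSUS_SERVER" "$NESSUS_PORT" "$NESSUS_USER" "$NESSUS_PASS" \
        "$1.checked" "$2"
}

if [ "${1:-}" = "--scan" ]; then run_scan "$2" "$3"; fi
```

Invoke it as `sh scope_check.sh --scan targets.txt results.nbe` with NESSUS_USER and NESSUS_PASS set in the environment; hosts outside ALLOWED_RANGES are reported and dropped before the client is started.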
Additional Nessus Links
- SecurityDocs: Nessus
- Nessus Documentations
- SecurityDocs: Introduction to Nessus Tutorial
- Introduction to Nessus
- Nessus, Part 2: Scanning
- Nessus, Part 3: Analyzing Reports
- Edgeos : Nessus Knowledge Base : Private-Labeled Vulnerability Assessment and Security Services
- Nessus Plugins