Security Assessment Method

Use nessus to test for problems

Get nessus running

Before using nessus, always run nessus-update-plugins to get all the latest plugins from nessus.org.

Then start the nessus server daemon in the background with nessusd &

Use nessus

Start the nessus client with nessus

Now run the scan. You can tail the log file to watch progress.

Save the file in native format, and in html format. A separate save is necessary for each format.

A note about 'safe checks'

Having 'safe checks' enabled will increase false positives. When 'safe checks' is on, nessus may report a suspected vulnerability, but it will not run any potentially damaging test against the target that could confirm the issue or eliminate it as a finding, so the suspicion stays in the report.

Inspect the results

There will be a little 'do not enter' icon next to each serious finding, and a little triangle with a '!' on it next to warnings. We'll look at how to handle these in the next section.
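As an added example (not part of this guide), a small Python triage script for the results saved in native format. It assumes that format is Nessus's pipe-delimited .nbe output, and the scan records below are constructed for illustration; it separates the 'do not enter' findings (Security Hole) from the warnings and notes so the serious ones can be reviewed first.

```python
from collections import Counter, defaultdict

# Constructed sample of Nessus native (.nbe) output. The format assumption,
# the host, ports, plugin ids and descriptions are all made up for this example.
SAMPLE_NBE = """\
timestamps|||scan_start|Mon Mar  1 10:00:00 2004|
timestamps||192.0.2.10|host_start|Mon Mar  1 10:00:05 2004|
results|192.0.2|192.0.2.10|ssh (22/tcp)|10267|Security Note|An SSH server is running on this port.
results|192.0.2|192.0.2.10|ssh (22/tcp)|10881|Security Warning|The remote SSH version is outdated.
results|192.0.2|192.0.2.10|http (80/tcp)|10107|Security Note|The remote web server type is Apache.
results|192.0.2|192.0.2.10|http (80/tcp)|11030|Security Hole|The remote web server has a remote code execution flaw.
timestamps||192.0.2.10|host_end|Mon Mar  1 10:20:00 2004|
"""

# Most to least serious: Hole = 'do not enter' icon, Warning = '!' triangle.
SEVERITY_ORDER = ("Security Hole", "Security Warning", "Security Note")

def parse_nbe(text):
    """Yield one dict per 'results' record; timestamp records are skipped."""
    for raw in text.splitlines():
        line = raw.strip()
        if not line.startswith("results|"):
            continue
        fields = line.split("|", 6)  # split at most 6 times: the description may contain '|'
        if len(fields) < 6:
            continue                 # malformed record: skip it rather than abort the triage
        yield {
            "host": fields[2],
            "port": fields[3],
            "plugin_id": fields[4],
            "severity": fields[5],
            "description": fields[6] if len(fields) > 6 else "",
        }

def summarize(text):
    """Return {host: Counter(severity)} so hosts with holes stand out."""
    per_host = defaultdict(Counter)
    for rec in parse_nbe(text):
        per_host[rec["host"]][rec["severity"]] += 1
    return dict(per_host)

def findings_by_severity(text, severity):
    """List (host, port, plugin_id) tuples for one severity class."""
    return [(r["host"], r["port"], r["plugin_id"])
            for r in parse_nbe(text) if r["severity"] == severity]

if __name__ == "__main__":
    for host, counts in summarize(SAMPLE_NBE).items():
        print(host, " ".join(f"{s}={counts[s]}" for s in SEVERITY_ORDER))
    for hole in findings_by_severity(SAMPLE_NBE, "Security Hole"):
        print("HOLE:", *hole)
```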
