In this blog post, I will be going over a vulnerability scanning and remediation project I worked on using Nessus Essentials to scan a local VM hosted in VMware Workstation. For those of you who don't know, Nessus is a vulnerability scanner that organizations use to monitor their networks, systems, and applications for security vulnerabilities. In this project, we will only be doing three steps of the vulnerability management lifecycle: Discover, Remediate, and Verify. Below is a graphic of the complete Vulnerability Management Lifecycle.
The first step in this project is to register for an activation code for Nessus Essentials and download the software. Use this link: Nessus Essentials Vulnerability Scanner | Tenable®
After registering for an activation code, download Nessus for Windows Server 2008.
Next, download VMware Workstation Player, which will host the VM we run both the non-credentialed and the credentialed scans against. Download here: Download VMware Workstation Player | VMware
The last thing that needs to be downloaded and set up is a Windows ISO for your VMware Workstation. The link to download is here: Download Windows 10 (microsoft.com)
After everything has finished downloading, set up VMware and add your Windows ISO to the VMware workstation. When that is completed, open up the command prompt inside the VM and get its IP address using the "ipconfig" command.
After you have the IP address, log in to Nessus, start a new scan and select Basic Network Scan.
You have the freedom to name your scan anything you would like. Under “Targets,” insert the IP address you just retrieved from your VMware workstation and click save. On the far right, you should see a launch button right next to the red “X.” Click that and wait a few minutes for the first scan to complete.
Congratulations, you have just completed a non credentialed scan. Let’s take a look at the results.
As you can see, some vulnerabilities showed up, but none that are critical. Let's take it a step further and do a credentialed scan to see if more vulnerabilities show up. In a credentialed scan, Nessus logs in to the target with a valid account, so it can inspect installed software, patch level, and configuration from the inside instead of relying only on what is exposed over the network. At the top, click on "Configure" and select "Credentials." Now input the login info that you used to set up your Windows VM and press the launch button again to start a new scan. The results should look something like this:
As you can see, there are some critical, high, and medium vulnerabilities that showed up in the scan and can be remediated. Nessus even has a section that lists the recommended Remediations you should take action on.
It seems as though most of the vulnerabilities on the VM are there because Microsoft Windows needs to be updated. If we go back to the VM and check Windows Update, we should see that there are some updates that need to be installed.
After updating your Windows system, run another credentialed scan to verify that the majority of the vulnerabilities are no longer reported. I hope you enjoyed this walkthrough of using Nessus for vulnerability management.
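As an added example that is not part of the original post, here is a small Python script for the Verify step: it diffs a Nessus CSV export taken before the Windows update against one taken after, keyed on host and plugin ID, and reports which findings were remediated, which remain, and which are new, by severity. The column names ("Plugin ID", "Risk", "Host", "Name") are assumed to match Nessus's CSV export, and the two exports embedded below are constructed sample data, not real scan output.

```python
import csv
import io
from collections import Counter

# Constructed sample exports (not real Nessus output). Column names are assumed
# to follow the Nessus CSV export; "Risk" is None, Low, Medium, High or Critical.
BEFORE_CSV = """Plugin ID,Risk,Host,Name
900001,None,192.168.10.25,Sample informational plugin
900002,Critical,192.168.10.25,Sample missing Windows cumulative update
900003,High,192.168.10.25,Sample missing .NET security update
900004,Medium,192.168.10.25,Sample weak service configuration
"""

AFTER_CSV = """Plugin ID,Risk,Host,Name
900001,None,192.168.10.25,Sample informational plugin
900004,Medium,192.168.10.25,Sample weak service configuration
900005,Low,192.168.10.25,Sample finding introduced by the update
"""


def load_findings(csv_text):
    """Return {(host, plugin_id): (risk, name)}, skipping informational rows."""
    findings = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Risk"] == "None":  # informational plugins are not vulnerabilities
            continue
        findings[(row["Host"], row["Plugin ID"])] = (row["Risk"], row["Name"])
    return findings


def diff_scans(before_csv, after_csv):
    """Compare two exports; return (remediated, remaining, new) finding dicts."""
    before = load_findings(before_csv)
    after = load_findings(after_csv)
    remediated = {k: v for k, v in before.items() if k not in after}
    remaining = {k: v for k, v in after.items() if k in before}
    new = {k: v for k, v in after.items() if k not in before}
    return remediated, remaining, new


def count_by_risk(findings):
    """Count findings per severity, e.g. Counter({'Critical': 1, 'High': 1})."""
    return Counter(risk for risk, _ in findings.values())


if __name__ == "__main__":
    remediated, remaining, new = diff_scans(BEFORE_CSV, AFTER_CSV)
    print("Remediated:", dict(count_by_risk(remediated)))
    print("Remaining: ", dict(count_by_risk(remaining)))
    print("New:       ", dict(count_by_risk(new)))
    for (host, plugin_id), (risk, name) in remaining.items():
        print(f"still open on {host}: [{risk}] {plugin_id} {name}")
```

Export both scans from Nessus as CSV, read them in place of the two sample strings, and any Critical or High finding left in "Remaining" is what needs another round of remediation.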
Contact Me
LinkedIn: Darius Stubbs