If your like me, you have too many devices on your network, and there is no way to ensure that the software is up to date on everything. This is when Nessus home version could be very useful to find those specific versions of software on your network that are out of date or let you know about possible configuration issues. Click Here, to check out my installation walk through if you have not installed Nessus.
I will be running Nessus with Kali, but it should be similar with other operating systems.
1.Start the Nessus service
2.Open your browser of choice and navigate to https://localhost:8834
3.Login and click the link “Create a new scan” Lets first discover the assets on your network. Find and click the Host Discovery option
4.Fill out the form as shown. On the targets input box input your network and subnet to give the software a range to scan
5.Select the Triangle icon to the right to launch the scan
6.This scan will only take a few seconds
6.Once the green circle stops spinning the scan is finished, click the name of the scan to see more details
7.Now you will see the IP’s of each host on the network. This will allow us to make a more specific scheduled scan for hosts on the vulnerability scans
8.Now go back to the main menu by clicking Nessus in the upper left then click new scan in the upper right
9.We will now click on Basic Network Scan
10.Enter the hosts found in the host discovery scan separated by a comma, and click save
11.Now select Launch/Default from the newly configured scan
12.This scan will take a bit longer than the discovery scan.
13. Nessus gives you a list of all the vulnerabilities and some methods of fixing the vulnerabilities. Below are some screen shots of my scan.
14.Details about Vulnerabilities
15.Possible remediation for vulnerabilities found in the scan
16.Quick view of vulnerabilities found on hosts
Now update those boxes and check out my future articles for further information security walk-through’s.