Using Nessus Vulnerability scanner

In this section I will be using the Nessus Vulnerability scanner to scan my network and fix a Vulnerability found.

Scenario:

You are to download and install Tenable Nessus essential on your Virtual Machine(VM) or on your home computer. Upon doing this you should scan your network and correct any vulnerabilities you see.

This screenshot shows my network being scanned by the nessus vulnerability. You can see on the address bar at the top that it says "Not Secure". Nessus Essentials uses a self-signed SSL certificate for HTTPS communication. This means the certificate is not issued by a trust certificate authority(CA) recognized by my browser(Google Chrome). Nessus is a trusted piece of software so it is no worry.

In this screenshot we can see the scan is running and has found several vulnerabilities within devices on my home network. Because I only have access to my device(my laptop) I will just be focusing on vulnerabilities for this device.

My device (192.168.1.245) shows a few vulnerabilities but nothing super critical. Lets check them out and see how we can fix them.

The first one we are going to look at is the SSL certificate vulnerability. It gives it a score of 6.5 which is worrisome enough to investigate. It says that the server's X.509 certificate cannot be trusted and explains that when the top of the certificate chain is sent by self signed certificates(among other reasons) it can be not secure and show this vulnerability. Nessus does use a SSL certificate and because I am only using this software for purposes of this lab, I will not be purchasing a proper certificate or going through their steps they provide on how to get this vulnerability to go away. We know Nessus is a trusted software.

This second vulnerability lets me know that signing is not required on the remote SMB server and gives it a base severity score of 5.3. It also lets me know that an unauthenticated, remote attacker can exploit this to conduct man-in-the-middle attacks against my SMB server. It also gives me a solution which is fairly simple to do on my Windows device.

Based on the instructions I went to my local group policy editor. I went to the security settings, then to local policies and then to security options. I changed both the Microsoft network client: Digitally sign communications(always) to enabled and I changed Microsoft network server: Digitally sign communications(always) to enabled as well. Doing this allows me to prevent Man-in-the-middle attacks and enhance my personal security.

This screenshot shows me using Powershell to check if what I changed actually is enabled. I ran two different commands to check and they both returned True indicating that SMB singing is enabled. "Get-SmbClientConfiguration" retrieves the configuration settings for the SMB client. Then "|" pipes the output of Get-SmbClientConfiguration to the next command. Next "FL" formats the output as a list showing the properties and values cleary. Lastly "RequireSecuritySignature" specifies the property being queried.

Summary:

In this project I downloaded, installed and used Nessus vulnerability scanner on my home network. It found several vulnerabilities in my network and I corrected ones on my personal device and have increased the security on my device. Nessus is a great tool but it is not perfect and should be used in conjunction with other software to find all vulnerabilities that might be plaguing a network.

Page updated

Google Sites

Report abuse