Table of Contents
What is Nessus and what are its features?
Nessus is a vulnerability scanner that scans targets and finds potential vulnerabilities while also scanning for antimalware products. It can be used to perform vulnerability analysis and penetration testing on hosts to identify security issues. Nessus has been in use since 2000, and it is developed for free by Tenable Network Security, Inc. It is available in two versions: scanner and server. The scanner version, which is less feature-rich, is available for free while the server version of Nessus can only be installed by paying a licensing fee. The scanner version of Nessus is designed for security auditing and intrusion detection system (IDS) monitoring. The server version, on the other hand, is capable of managing vulnerability checks, managing compliance data in the form of scans, reports and schedules running vulnerability checks and publishing vulnerability scan reports to a central location.
Nessus has been used in many security audits. For instance, it has been used in the Black Hat 2012 audit by Cleared Scans to scan for vulnerabilities on devices connected to public Wi-Fi access points. The scans included wireless routers, gaming systems and wireless printers. The scanning revealed that over a thousand devices had vulnerabilities in the form of open ports without any password protection.
How can Nessus be used to identify high value targets in an organization’s network infrastructure and data stores?
One of the most important uses of Nessus is to identify high value targets in an organization’s network infrastructure and data stores. High value targets are those that are known ports on the Internet, such as HTTP, FTP, SSH, Telnet, and SMTP. There may be other high value targets in an organization’s infrastructure and data stores, such as internal communication broker applications or web servers. These targets can be identified by scanning the Internet for applications that are open to unauthorized access. It is easy to find web servers on the Internet by using search engines or websites that provide such information. It is quite easy to enumerate a private IP address range on the Internet as well. One can do a Google search for the name of a network and find hundreds of websites that list providers in that network range, as well as their contact information, website hosting plans, etc. In addition to private IP address ranges and web servers, it’s possible to find hosts with known open ports, but high value targets are not necessarily known ports. It is possible to identify high value targets even without knowing the open ports on which they are running. For example, scanning an organization that has an unknown number of hosts on the Internet may reveal a “web server” that is actually a printer. This type of discovery can lead to internal vulnerabilities being discovered.
Nessus has several features that make it easy to scan the Internet and other networks for hosts with known open ports:
What are the benefits of using Nessus to identify high value targets in an organization’s network infrastructure and data stores?
An attacker may also be able to use the information gathered by Nessus to gain unauthorized access to the Internet, FTP service, and DNS server. Since Nessus provides a list of potential exploits, an attacker can select his target hosts and choose the right exploit for each host. As a result, the attacker is able to gain unauthorized access to the hosts in your network.
Data theft can also result from an attempt to exploit the discovered vulnerabilities. The attacker may want to use your organization’s resources for his own purposes. For example, an attacker may want to use your FTP server and network as a jumping-off point in attacking another company’s systems or the Internet in general.
How can organizations ensure that they are getting the most out of their investment in Nessus for identifying high value targets?”
It may be necessary for an organization to perform a vulnerability assessment of the entire network to get information about all the hosts and their vulnerabilities. To identify high value targets, an organization can analyze its network, map which ports are connecting to the Internet, and identify all open ports. This information can be used to determine which applications are exposed on the Internet and which applications may be at risk of being attacked. The target identification process can then be applied to each high value target using Nessus and other security tools.
The next step is to determine the risk associated with each identified high value target. This can be done by consulting threat, vulnerability, and impact assessments (TVIAs) for appropriate countermeasures, or reading about attacks that have been seen in the wild (as reported by the Open Web Application Security Project or OSVDB). This can be done in conjunction with the vulnerability analysis to determine whether the vulnerability has a known exploit. An organization should have an asset inventory in place so that it can value its assets properly. The assets identified should include:
Performing risk analysis, including reviewing which assets and infrastructure support critical business processes.
Are there any potential downsides to using Nessus for identifying high value targets in an organization’s network infrastructure and data stores?”
The most important potential downside of using Nessus for identifying high value targets is the possibility that it may be blocked by security filters. Since Nessus sends a lot of traffic to hosts in the network, there is a possibility that it will be blocked by the organization’s security filters. The other potential downside is that the information gathered by Nessus may be a double-edged sword. Even though it produces information to help organizations identify high value targets, it also leaks some confidential details about the configuration of the network infrastructure and data stores. This includes information such as which applications are installed on hosts and internal communication between hosts.
How are you planning on using Nessus to identify high value targets in an organization’s network infrastructure and data stores?
Do you want to use Nessus for identifying high value targets in an organization’s network infrastructure and data stores? If so, which of the following is most important for you to achieve with your use of Nessus? If you have additional questions, please let us know. We will be happy to help however we can. Thank you for your time.
##
HTTPS DOWNLOAD: AVAILABLE HERE. PUT AN ID INTO THE SEARCH BOX AT THE TOP AND CLICK SEARCH.
