Bài Tập Thực Hành - NESSUS: Lesson 1 Set up scans and read results

{ Set up scans and read results }

---

Background Information

1. What is NESSUS?
   • Tenable Network Security provides enterprise-class solutions for continuous monitoring and visibility of vulnerabilities, configurations, user activity and system events that impact security and compliance.
   
   
   • Nessus features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture.
2. Reference Link: 
   • http://www.tenable.com/
3. Lab Notes
   • In this lab we will do the following:
     1. Create a Nessus Internal Scan
     2. Scan Damn Vulnerable WXP-SP2
     3. Analyze Results
     4. Export Results
4. Legal Disclaimer
    
   •  Đào tạo an toàn thông tin - Www.AnToanThongTin.Edu.Vn

Section 1: Login to PENTEST-WXP (Attacking Machine)

1. Start Up VMWare Player
   • Instructions:
     1. Click the Start Button
     2. Type Vmplayer in the search box
     3. Click on Vmplayer
   • 
2. Edit Virtual Machine Settings
   • Instructions:
     1. Click on PENTEST-WXP
     2. Edit Virtual Machine Settings
   • Note:
     • This VM is running Windows XP.
   • 
3. Set Network Adapter
   • Instructions:
     1. Click on Network Adapter
     2. Click on the radio button "Bridged: Connected directly to the physical network".
   • 
4. Start Up PENTEST-WXP
   • Instructions:
     1. Click Play virtual machine
   • 
    
5. Send Ctrl+Alt+Del
   • Instructions:
     1. Click Player
     2. Click Send Ctrl+Alt+Del
   • 
6. Logging into PENTEST-WXP
   • Instructions:
     1. Username: administrator
     2. Password: Supply your password
   • 
7. Open a Command Prompt
   • Instructions:
     1. Start --> All Programs --> Accessories --> Command Prompt
   • 
8. Determine IP Address
   • Instructions:
     1. ipconfig
   • Note(FYI):
     • My IP Address is 192.168.1.111. 
     • Your IP Address will probably be different.
   • 

Section 2: Login to Damn Vulnerable WXP-SP2 (Victim Machine)

1. Edit Virtual Machine Settings
   • Instructions:
     1. Click on Damn Vulnerable WXP-SP2
     2. Edit Virtual Machine Settings
   • Note:
     • This VM is running Windows XP.
     • This is the Victim Machine that we will be scanning with PENTEST-WXP.
   • 
2. Set Network Adapter
   • Instructions:
     1. Click on Network Adapter
     2. Click on the radio button "Bridged: Connected directly to the physical network".
   • 
3. Start Up Damn Vulnerable WXP-SP2.
   • Instructions:
     1. Start Up your VMware Player
     2. Play virtual machine
   • 
4. Logging into Damn Vulnerable WXP-SP2.
   • Instructions:
     1. Username: administrator
     2. Password: Use the Class Password or whatever you set it.
   • 
5. Open a Command Prompt
   • Instructions:
     1. Start --> All Programs --> Accessories --> Command Prompt
   • 
6. Obtain the IP Address
   • Instructions:
     1. In the Command Prompt type "ipconfig"
   • Note(FYI):
     • In my case, Damn Vulnerable WXP-SP2's IP Address 192.168.1.116.
     • This is the IP Address of the Victim Machine.
     • Record your IP Address.
   • 

Section 3: Login to Nessus

1. Start the Nessus Web Client
   • Instructions:
     1. Make sure you are on PENTEST-WXP
     2. Click on the Nessus Web Client located on the desktop
   • 
    
2. Login To Nessus
   • Instructions:
     1. Username: admin
     2. Password: Supply your password
     3. Click the Sign In To Continue Button
   • 

Section 4:  Creating a Scan

1. Click on Scan
   • Instructions:
     1. Click on the Scan Tab
     2. Click on New Scan
   • 

2. Create New Scan
   • Instructions:
     1. Scan Title: Damn Vulnerable WXP-SP2
     2. Scan Type: Run Now
     3. Scan Policy: Internal Network Scan
     4. Scan Target: Input Damn Vulnerable WXP-SP2's IP Address.
        • In my case, the IP Address is 192.168.1.116
     5. Click the Create Scan Button
   • 
3. Monitor the Scan
   • Instructions:
     1. Click on the Running Status
   • 
4. Host Result Summary
   • Instructions:
     1. Wait 5 to 10 minutes until scan is 100% complete.
     2. Click on the purple section to see the most critical vulnerabilities.
   • 
5. View Critical Alert(s)
   • Instructions:
     1. Click on MS08-067
   • 
6. Analyzing MS08-067 Results
   • Instructions:
     1. Read the Synopsis
     2. Read the Description
     3. Read the Vulnerability Information
        • This will show you which tools can be used to exploit this vulnerability.
   • Note(FYI):
     • Basically the attacker can use a tool like Metasploit to mangle the kernel by overflowing the stack and then execute code after overrunning the kernel.
   • 
7. View Critical Alert
   • Instructions:
     1. Export Format: CSV
     2. Click the Export Button
   • 
8. Download Report
   • Instructions:
     1. Click the radio button "Save File"
     2. Click the OK button.
   • 
   
   

Section 5:  Proof of Lab

1. Open a Command Prompt
   • Instructions:
     1. Start --> All Programs --> Accessories --> Command Prompt
   • 
2. Proof of Lab Instructions
   • Instructions:
     1. cd "My Documents\Downloads"
     2. type *.csv | findstr MS08-067
     3. date /t
     4. echo "Your Name"
        • Replace the string "Your Name" with your actual name.
        • e.g., echo "John Gray"
     5. Do a PrtScn
     6. Paste into a word document
     7. Upload to website Www.AnToanThongTin.Edu.Vn
   •