Main Menu
Website Search
Popular
Latest

PostHeaderIcon Vulnerability Assessment With Nessus and Ntop

PostDateIconWednesday, 15 October 2008 17:45 | PostAuthorIconWritten by Administrator |

Vulnerability Assessment

Here’s a mini-howto on installing nessus and ntop - 2 tools I believe are a must have for any network admin. Nessus is a vulnerability assessment tool and a great way of checking open ports, uninstalled patches and older versions of software running on the end-user systems in a network. Ntop is a graphical network monitoring tool that serves a dual purpose - network overview on a daily basis and management reporting.

Nessus = Vulnerability Assessment Tool (http://www.nessus.org/download/)
Ntop = Network monitoring tool (http://www.ntop.org/)

 

Nessus Installation Steps:

On Ubuntu Dapper System (Nessus Server)
1 sudo apt-get install nessusd
2 nessus-mkcert
3 nessus-adduser
4 cd /etc/init.d
5 ./nessusd start

A quick check can be done by running $nmap localhost and checking if port 1241 is being listened on by nessus.

On NessusWX (Windows) Client

Click on Communications>Connect
Enter the server name/IP address and the username/password for the user you created above
Click on connect

Click on Session>New
Add target host, subnet or addresses
Check and set the variables in the tabs as deemed necessary by you.

Double click the session name you created above and you’re off scanning.
This scan will do a generic vulnerability assessment

PS: There’s a bit about registering your nessusd server with Tenable to get plugin’s which I have not covered here. Please check the nessus website to enable this.


Ntop Installation Steps:

1) sudo apt-get install ntop –y
Create the admin user and password.


4) sudo ntop --set-admin-password
5) sudo ntop -u ntop -d


A quick check can be done by running $nmap localhost and checking if port 3000 is being listened on by ntop. Fire up your web browser on any machine and navigate to the url: http://%3cservername/ip address>:3000 to view ntop.

Well Nessus is a very great tool for Vulnerability Assessment it is not a complete solution you will have to be able to patch and fix the holes in security it does bring to lite. I would suggest also reading the article on the Metasploit framework. It can be found here.

< Prev   Next >

Last Updated (Monday, 28 September 2009 23:00)

 

Copyright © 2009 ---.
All Rights Reserved.

Designed by skinMyCMS.com.