nmap nessus

of 15 /15
Network Scanning with Nmap and Nessus

Author: ibleedorange83

Post on 07-Nov-2014




12 download

Embed Size (px)


Nmap and Nessus tutorial


Network Scanning with Nmap and Nessus

Nmap Open source network mapper (Nmap) Used for pen testing as well as a network inventory too my network admins Has a GUI called Zenmap -> mainly for Windows (on BackTrack 5r3 as well) Windows, Linux, Mac OS X

Nessus Vulnerability scanner Scans Windows, Unix, network infrastructure Mobile device audits Works well with Nmap and Metasploit Free for home use Paid version for enterprise use Certifications for Nessus and other products

Connecting to CrashNet Log into BackTrack and start GUI session Startx

Always update before using BT Apt-get update

Go to Accept cert warning Login and download user config file Named client.ovpn

Open a shell and run command openvpn config /path/where/file/is Most likely root

Should look something like this

Nmap: Zenmap Applications | BackTrack | Information Gathering | Network Analysis | Network Scanners | Zenmap Run scan on CrashNet

Should get roughly 11 machines Zenmap has different scan profiles available by default Can change scan options to suite needs

Nmap: Zenmap

Nmap: Zenmap

Nessus Start Nessus Applications | Vulnerability Assessment | Vulnerability Scanners | Nessus | Nessus Must register with Tenable at their website for the home user license Emails you license Use nessus-fetch -- register license

Add user Nessus-adduser Give admin privelages

Go to Login with new user account

Nessus Start initialization process Login with user created Select Scan Tab Add a scan External Network IP Range = Single addresses work as well



Nessus Check out the exploits Look up CVE number This will give more info about exploit

Also, you can import text files from an nmap scan to add to nessus so it knows what range to scan.