Network Scanning with Nmap and Nessus

Nmap Open source network mapper (Nmap) Used for pen testing as well as a network inventory too my network admins Has a GUI called Zenmap -> mainly for Windows (on BackTrack 5r3 as well) Windows, Linux, Mac OS X

Nessus Vulnerability scanner Scans Windows, Unix, network infrastructure Mobile device audits Works well with Nmap and Metasploit Free for home use Paid version for enterprise use Certifications for Nessus and other products

Connecting to CrashNet Log into BackTrack and start GUI session Startx

Always update before using BT Apt-get update

Go to https://139.78.9.9:943 Accept cert warning Login and download user config file Named client.ovpn

Open a shell and run command openvpn config /path/where/file/is Most likely root

Should look something like this

Nmap: Zenmap Applications | BackTrack | Information Gathering | Network Analysis | Network Scanners | Zenmap Run scan on CrashNet 192.168.216.0/24

Should get roughly 11 machines Zenmap has different scan profiles available by default Can change scan options to suite needs

Nmap: Zenmap

Nmap: Zenmap

Nessus Start Nessus Applications | Vulnerability Assessment | Vulnerability Scanners | Nessus | Nessus Must register with Tenable at their website for the home user license Emails you license Use nessus-fetch -- register license

Add user Nessus-adduser Give admin privelages

Go to 127.0.0.1:8834 Login with new user account

Nessus Start initialization process Login with user created Select Scan Tab Add a scan External Network IP Range = 192.168.216.0/24 Single addresses work as well

Run

Nessus

Nessus Check out the exploits Look up CVE number This will give more info about exploit

Also, you can import text files from an nmap scan to add to nessus so it knows what range to scan.

QUESTIONS??