Vulnerability Assessment With Nessus and Ntop
Wednesday, 15 October 2008 10:45 | 
Written by Administrator |
Vulnerability Assessment
Here’s a mini-howto on installing nessus and ntop - 2 tools I believe are a must have for any network admin. Nessus is a vulnerability assessment tool and a great way of checking open ports, uninstalled patches and older versions of software running on the end-user systems in a network. Ntop is a graphical network monitoring tool that serves a dual purpose - network overview on a daily basis and management reporting.
Nessus = Vulnerability Assessment Tool (http://www.nessus.org/download/)
Ntop = Network monitoring tool (http://www.ntop.org/)
Nessus Installation Steps:
On Ubuntu Dapper System (Nessus Server)
1 sudo apt-get install nessusd
2 nessus-mkcert
3 nessus-adduser
4 cd /etc/init.d
5 ./nessusd start
A quick check can be done by running $nmap localhost and checking if port 1241 is being listened on by nessus.
On NessusWX (Windows) Client
Click on Communications>Connect
Enter the server name/IP address and the username/password for the user you created above
Click on connect
Click on Session>New
Add target host, subnet or addresses
Check and set the variables in the tabs as deemed necessary by you.
Double click the session name you created above and you’re off scanning.
This scan will do a generic vulnerability assessment
PS: There’s a bit about registering your nessusd server with Tenable to get plugin’s which I have not covered here. Please check the nessus website to enable this.
Ntop Installation Steps:
1) sudo apt-get install ntop –y
Create the admin user and password.
4) sudo ntop --set-admin-password
5) sudo ntop -u ntop -d
A quick check can be done by running $nmap localhost and checking if port 3000 is being listened on by ntop. Fire up your web browser on any machine and navigate to the url: http://%3cservername/ip address>:3000 to view ntop.
Well Nessus is a very great tool for Vulnerability Assessment it is not a complete solution you will have to be able to patch and fix the holes in security it does bring to lite. I would suggest also reading the article on the Metasploit framework. It can be found here.
| < Prev | Next > |
|---|
Last Updated (Monday, 28 September 2009 16:00)