Thứ Tư, 20 tháng 11, 2013

Bài Tập Thực Hành - NESSUS: Lesson 1 Set up scans and read results

{ Set up scans and read results }

Background Information
  1. What is NESSUS?
    • Tenable Network Security provides enterprise-class solutions for continuous monitoring and visibility of vulnerabilities, configurations, user activity and system events that impact security and compliance.

    • Nessus features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture.
  2. Reference Link: 
  3. Lab Notes
    • In this lab we will do the following:
      1. Create a Nessus Internal Scan
      2. Scan Damn Vulnerable WXP-SP2
      3. Analyze Results
      4. Export Results
  4. Legal Disclaimer
       
    •  Đào tạo an toàn thông tin - Www.AnToanThongTin.Edu.Vn
Section 1: Login to PENTEST-WXP (Attacking Machine)
  1. Start Up VMWare Player
    • Instructions:
      1. Click the Start Button
      2. Type Vmplayer in the search box
      3. Click on Vmplayer
  2. Edit Virtual Machine Settings
    • Instructions:
      1. Click on PENTEST-WXP
      2. Edit Virtual Machine Settings
    • Note:
      • This VM is running Windows XP.
  3. Set Network Adapter
    • Instructions:
      1. Click on Network Adapter
      2. Click on the radio button "Bridged: Connected directly to the physical network".
  4. Start Up PENTEST-WXP
    • Instructions:
      1. Click Play virtual machine
     
  5. Send Ctrl+Alt+Del
    • Instructions:
      1. Click Player
      2. Click Send Ctrl+Alt+Del
  6. Logging into PENTEST-WXP
    • Instructions:
      1. Username: administrator
      2. Password: Supply your password
  7. Open a Command Prompt
    • Instructions:
      1. Start --> All Programs --> Accessories --> Command Prompt
  8. Determine IP Address
    • Instructions:
      1. ipconfig
    • Note(FYI):
      • My IP Address is 192.168.1.111. 
      • Your IP Address will probably be different.

Section 2: Login to Damn Vulnerable WXP-SP2 (Victim Machine)
  1. Edit Virtual Machine Settings
    • Instructions:
      1. Click on Damn Vulnerable WXP-SP2
      2. Edit Virtual Machine Settings
    • Note:
      • This VM is running Windows XP.
      • This is the Victim Machine that we will be scanning with PENTEST-WXP.
  2. Set Network Adapter
    • Instructions:
      1. Click on Network Adapter
      2. Click on the radio button "Bridged: Connected directly to the physical network".
  3. Start Up Damn Vulnerable WXP-SP2.
    • Instructions:
      1. Start Up your VMware Player
      2. Play virtual machine
  4. Logging into Damn Vulnerable WXP-SP2.
    • Instructions:
      1. Username: administrator
      2. Password: Use the Class Password or whatever you set it.
  5. Open a Command Prompt
    • Instructions:
      1. Start --> All Programs --> Accessories --> Command Prompt
  6. Obtain the IP Address
    • Instructions:
      1. In the Command Prompt type "ipconfig"
    • Note(FYI):
      • In my case, Damn Vulnerable WXP-SP2's IP Address 192.168.1.116.
      • This is the IP Address of the Victim Machine.
      • Record your IP Address.

Section 3: Login to Nessus
  1. Start the Nessus Web Client
    • Instructions:
      1. Make sure you are on PENTEST-WXP
      2. Click on the Nessus Web Client located on the desktop
     
  2. Login To Nessus
    • Instructions:
      1. Username: admin
      2. Password: Supply your password
      3. Click the Sign In To Continue Button

Section 4:  Creating a Scan
  1. Click on Scan
    • Instructions:
      1. Click on the Scan Tab
      2. Click on New Scan
  1. Create New Scan
    • Instructions:
      1. Scan Title: Damn Vulnerable WXP-SP2
      2. Scan Type: Run Now
      3. Scan Policy: Internal Network Scan
      4. Scan Target: Input Damn Vulnerable WXP-SP2's IP Address.
        • In my case, the IP Address is 192.168.1.116
      5. Click the Create Scan Button
  2. Monitor the Scan
    • Instructions:
      1. Click on the Running Status
  3. Host Result Summary
    • Instructions:
      1. Wait 5 to 10 minutes until scan is 100% complete.
      2. Click on the purple section to see the most critical vulnerabilities.
  4. View Critical Alert(s)
    • Instructions:
      1. Click on MS08-067
  5. Analyzing MS08-067 Results
    • Instructions:
      1. Read the Synopsis
      2. Read the Description
      3. Read the Vulnerability Information
        • This will show you which tools can be used to exploit this vulnerability.
    • Note(FYI):
      • Basically the attacker can use a tool like Metasploit to mangle the kernel by overflowing the stack and then execute code after overrunning the kernel.
  6. View Critical Alert
    • Instructions:
      1. Export Format: CSV
      2. Click the Export Button
  7. Download Report
    • Instructions:
      1. Click the radio button "Save File"
      2. Click the OK button.

Section 5:  Proof of Lab
  1. Open a Command Prompt
    • Instructions:
      1. Start --> All Programs --> Accessories --> Command Prompt
  2. Proof of Lab Instructions
    • Instructions:
      1. cd "My Documents\Downloads"
      2. type *.csv | findstr MS08-067
      3. date /t
      4. echo "Your Name"
        • Replace the string "Your Name" with your actual name.
        • e.g., echo "John Gray"
      5. Do a PrtScn
      6. Paste into a word document
      7. Upload to website Www.AnToanThongTin.Edu.Vn

Không có nhận xét nào:

Đăng nhận xét