Nessus Vulnerability Scanner Tutorial (Cyber Security Tools)

i try to download nessus with my gmail ac count doesn't work, what sould i do please ?

I am not sure why you would be having problems with gmail. I would try reaching out to Tenable.

Unfortunately, vulnerability scanners aren't always accurate and frequently will report false positives but they do help shorten the discovery process. I'm not surprised about that happening with nmap since people generally expect to hear about the major commercial products like Nessus. It seems a little random to not have any experience with tools like Nessus or OpenVAS if you are tinkering around with finding vulnerabilities using nmap though. That is a good example of why you need to assume an interviewer doesn't have much practical knowledge and explain things until that is proven otherwise.

@@JonGoodCyber bruh I had to adjust him and say to him yes I had experiment with nessus but in under grad. Smh I come from a pen tester perspective. Smh I can tell various ISSOs at my job going to have a rude awakening how I can show them how vulnerability scanning can be done

To be fair, nmap is very limited in vulnerability detection. The primary purpose of nmap isn't vulnerability detection even though we can identify potential attack vectors based on the information, although a crafty admin could change the banners and make things more challenging. In any role, both offensive and defensive, that has to provide reporting specifically would be more likely to provide reporting from the commercial tools but I understand both sides of the argument. At the end of the day, interviews and job searching in general is more of a game where you have to be strategic if you want to be successful because words have different meanings for different people and have to sell yourself to your interviewer(s).

@@JonGoodCyber .

Thank you for the feedback and I'm glad that you enjoyed the video!

Glad to hear that and you are welcome!

Glad you enjoyed it! A tool like this will definitely open your eyes to what is on your network.

I'm glad you are enjoying the content and thank you for the feedback!

I appreciate that!

Glad it was helpful and you are welcome!

Thank you for the feedback and I'm glad I could help!

I'm glad that you enjoyed the content! Stick with it and always keep learning.

Glad it helped!

Glad it was helpful!

Glad it was helpful and you're welcome!

Glad it was helpful!

Good luck and I'm happy that the content was helpful!

Glad it was helpful!

Glad you enjoyed it!

Thank you for sharing and I'm glad that you enjoyed the video!

You're welcome!

Glad you enjoyed it!

Glad you enjoyed it!

Glad it helped and you are welcome!

Thank you for the feedback! I'm glad you enjoyed the video.

I'm glad that you enjoyed the video!

No problem!

Thank you for the feedback and I'm glad you enjoyed the video!

No problem 👍

Awesome and let me know how it goes!

@JonGoodCyber Hey Jon, this was my first cybersecurity interview. It didn't end in a job offer but i learned a lot and can't wait for my next interview. Wish i would've found your resources earlier

@@Cyber_Levi although not fun for an interview to not work out, learning is a huge part of the process! I'm glad that you found my content and that I get to be a part of your journey.

You're welcome!

I'm glad you enjoyed the video! The major difference is that a vulnerability assessment will uncover vulnerabilities that exist but vulnerability management is the entire process of tracking the vulnerabilities through their lifecycle which might include their mitigation.

@@JonGoodCyber excellent. Thank you so much for that quick and informative feedback 🙏👍

You're welcome!

Glad I could help!

Thank you and I'm glad you enjoyed it! Nessus by itself doesn't really compare because it's just the vulnerability scanner and Qualys is more of full vulnerability management suite. Tenable's Security Center would be a closer comparison. It's been a few years since I've used Qualys but from what I remember it had a few more features than Security Center but either will get the job done.

You're welcome!

Thank you for the feedback!

Thanks for sharing! SCAP by nature isn't a vulnerability scanner, it's a configuration checker, but with that being said, you can do limited vulnerability scanning if you're on a shoestring budget. Knowing how to use SCAP in specific environments can be extremely useful.

Welcome aboard!

Thank you!

Nessus Essentials is still available, but it takes some Googling to find the right spot as Tenable has changed up some things on their website: www.tenable.com/products/nessus/nessus-essentials

Thank you and I'm glad you enjoyed the video!

Thank you for the feedback! You are correct in that typically it's going to match whatever the CVE/CVD states. I left it a little open in how I stated it in the event that Tenable decides to do more research and make a severity judgement different from what researchers have determined. At the end of the day the severity might not be what is actually listed because a high vulnerability finding in one environment might not have the necessary dependencies in another environment...always validate results!

Those are definitely alternative options but I probably wouldn't recommend them over Nessus unless you are on a tight budget.

@@JonGoodCyber Thank you Jon! I am new to security so trying to learn about different tools!

Then yes I would definitely look at all the tools that you can! The great thing is that most tools in the same category perform in a similar way so if you learn one, it's fairly easy to learn another.

I would really focus on building up your foundational technical skills. Operating system knowledge for Windows and Linux is going to be crucial. Also, if you can pick up some programming knowledge it would be helpful and put you ahead of your peers.

Definitely start trying to pick up some programming if you can and focus on learning foundational knowledge about operating systems. Bug hunting is great but if you don't know the foundational stuff, you are going to struggle.

@@JonGoodCyber Ya actually, I'll start my programing in College. As of now I'm in High school where languages are not too much focused. Any other thing than programming?

There isn't really a reason why you can't start learning now. The key is you want to learn things that you can keep expanding on throughout the next several years. Operating system and networking basics...CCNA or Linux+ are probably the two major things I would recommend. You've got to be careful that you don't burn time learning things that you don't touch for another 6 years and then have to learn it all over again. That is why reason programming is useful at this point in your life.

I'm glad that you enjoyed it! Honestly, landing a job in Cyber Security without any certifications, especially at the entry level, is going to be pretty challenging. Remember that the career field is on fire right now so you should try to set yourself apart from the crowd as much as possible. With that being said, in my free eBook ( www.jongood.com/getstarted/ ) I walk through all of the things that you should be learning to prepare yourself.

@@JonGoodCyber how do I contact you personally.. Some personal questions to ask.

Career Coaching ( www.jongood.com/services/ ) is the best way to get 1:1 advice for your specific situation.

@@JonGoodCyber thank you

I'm glad that you enjoyed the content!

I try to balance it because I want to remind people but not overwhelm them...thank you for watching!

You certainly can use nmap to help identify vulnerabilities. With that being said, keep in mind that nmap specifically has limited capabilities when it comes to vulnerability scanning because that's not it's primary function.

SCCM is very popular in Windows environments but in all honesty, there are tons of them out there. Gartner is a pretty good place to start if you're looking for top industry choices.

Verbal agreements are never legally binding and at the rate that people are being prosecuted, I would make sure to have all agreements in writing.

@@JonGoodCyber The bug bounty program offered by HackerOne, seems promising.

HackerOne and BugCrowd are two of the most popular bug bounty platforms.

@@JonGoodCyber Also thanks for the info on that one. Once I am able to get a Cyber Security Job, because I am in school for CS. IF anyone asked me to pentest their security I would ask them to write up a contract with a lawyer, so both parties are safe and I have a history of Hacktivism(Not proud of it), so I understand the otherside. I am trying to gain a good reputation from my bad reputation. I believe Bug Bounties is a good way to do that too.

Bug bounty programs are definitely a way to positively contribute to companies and they can help show that you've changed your ways. Some people are so good at finding bugs that they don't even want to work for companies because of how much they earn but of course that is a small percentage of the researchers since it's a race to find the bugs.

For this video I installed Apache and it did perform scanning (at 9:30) on it however it will be a lighter scan in general. There is a specific web application scanning policy that you can use.

I would recommend checking out this book ( amzn.to/3eCu6rs ) to get started learning about bug hunting.

There are many different scanning tool options out on the market with each having pros and cons. The nice thing is that once you learn one tool, you can pretty easily learn another tool.

Yeah I've seen a lot of companies cracking down on free service email addresses. Unfortunately that makes it difficult if you want to try a product or service for legitimate reasons.

I'm glad that you enjoyed the video!

Think of a scanner as just checking the surface to see if known vulnerability conditions exist even though they might not actually be exploitable versus a penetration test that will attempt to exploit the vulnerabilities. Scanners are also automated tools compared to penetration testing which might involve manual tests that could exploit business/application logic.

As long as Nessus has a plugin for what you're scanning ( www.tenable.com/plugins ), it will pick up vulnerabilities. Nessus IS NOT however a code scanning tool so it will not perform an analysis on your source code or perform dynamic testing without a plugin.

I recommend rewatching the video because every step of the process is detailed in this video including the operating system and commands that I used.

What do you mean by every day tasks? I'm assuming this is for learning purposes...Snort is an IDS / IPS so you aren't necessarily going to get a ton of value from it unless you're attempting to do malicious activities or having attempted attacks that will trigger alerts.

Many tools aren't really optimized for IPv6 so your experience may vary but Nessus does support IPv6 ( docs.tenable.com/nessus/Content/IPv6Support.htm ). There's no difference in consumption between an IPv6 address and an IPv4 address because it's still a single address.

@@JonGoodCyber appreciated Jon!

Nikto can definitely provide value when it comes to web application vulnerabilities.

Yes, both tools are extremely popular in enterprises of all sizes.

happy algo noises

Thank you for watching!

Cent OS although installation across all Linux distributions is pretty similar.

Are you talking about for home use? You can also get the home use license from Tenable for Nessus. Otherwise, OpenVAS ( www.openvas.org/ ) is pretty popular. You can also use nmap but keep in mind that its scanning functionality is fairly limited.

@@JonGoodCyber Thank you John looking at it.

Lol!

Sorry no warranty for repair! Thank you for watching!

You are welcome!

It's impossible to give an accuracy rate because there are so many factors that go into that including how the actual system being scanned is configured. With that being said, scanners still drastically improve your ability to find vulnerabilities, especially if you are doing credentialed scans.

@@JonGoodCyber appreciate your response. I am a newbie in terms of cyber sec. Aspects... Can u tell me how should one generate a detailed report of vulnerability assessment in nessus ?

The results that I show in this video will provide you detailed information or you can also use the "Report" or "Export" option depending on what you are trying to accomplish.

You need to get an activation key from Tenable in order to run the software. In order to perform scans you can run them without login credentials or using credentialed scans. The main difference is that credentialed scans will be able to perform more accurate scans.

@@JonGoodCyber What do you mean by more accurate scans? Are you talking about how nmap only works with a couple options if you run it without sudo?
Credentialed scans can access the raw data packets on the interfaces, right? Whereas non-credentialed ones will not allow packet crafting, OS identification, or stealth scans?
Is that what you're saying?

A non-credentialed scan is similar to what an attacker would see where it might not give the full story and a credentialed scan is like a privileged user logged into the system that can see a lot more. Check out the article to learn more about the differences: www.beyondtrust.com/resources/glossary/vulnerability-scanning#:~:text=Non-credentialed%20scans%2C%20as%20the,the%20systems%20they%20are%20scanning.&text=On%20the%20other%20hand%2C%20credentialed,eye%20view%20of%20the%20environment.

You'll have to look at the available export options and see if something fit your needs or if an integration exists. There's also ways to interact with the Nessus APIs but it all depends on your needs.

Unfortunately that happens eventually with any vendor and their products. I searched on Google and found it on their website: www.tenable.com/products/nessus/nessus-essentials

Thank you - This was has the free version in the installer

For learning, OpenVAS is definitely an alternative to play around with but in a commercial environment, I would never recommend it unless you had absolutely zero dollars for your budget.

I take that back. They hid it really well. Search for the blog changing "home" to "essentials" and you'll get the link.

You can try the downloads page ( www.tenable.com/downloads/nessus?loginAttempted=true ) along with an Activation Code request ( www.tenable.com/products/nessus/nessus-essentials?action=register ) but yeah they've made it way harder to get. I did see that you can do a trial with the Pro version too.

I see a 64-bit version towards the bottom of the download list ( www.tenable.com/downloads/nessus?loginAttempted=true ).

@@JonGoodCyberthanks

I'm glad that you enjoyed the content!

Nessus will detect software that has known and reported vulnerabilities. These will typically have a CVE and can be found in databases such as the one from NIST ( nvd.nist.gov/ ). The purpose of Nessus isn't to detect or inventory software although it could bring to light software you didn't know you had or forgot about.

I'm glad that you enjoyed the video!

Did you ever figure out a solution?

I recommend checking out this article: community.tenable.com/s/article/Verify-Connection-to-the-Plugin-and-Activation-Server

I'm glad that you enjoyed the video! The focus of this video was on the operational installation and usage of Nessus so reporting was outside of this video's scope. Typically if there are concerns with actual reports, companies will migrate to Tenable's Security Center (or a similar product) that offers much more robust reporting capabilities since standalone Nessus reports aren't amazing at scale. With that being said, if I receive enough interest then I will look at adding a follow up video.

This video details how to operate Nessus so I'm not exactly sure what you are asking.

I cover that starting at 4:58 in the video.

What's expensive? The version for home use is free.

You got me...now I'll have to change it again.

Any issues with the tool itself should be directed to the developers so that they can fix them.

Thank you for the support and I'm glad you enjoyed the video!

What are PPD and dota?

LOL!

There are timestamps in the video if you simply want the tutorial steps, however the rest of the information is valuable for professionals in the industry.

Thank you for the feedback. Unfortunately with any tutorial or procedural documentation, you have to assume that people are at ground zero which is why the video has some subjects that might be considered quite basic. I did include timestamps for those who want to go directly to certain parts of the video.

Did a good job Jon even if it is longer than this. People will always seek excuses unnecessarily. Do yours and let's watch. As advised, goto time stamps if you feel you don't need the preamble. Thanks

Are you referring to the Tenable website that they seem to have recently updated? I'm assuming that's the case because they've made it impossible to find the free version. I will look through the video to see if there are any other changes but from what I see so far, that's been the only change. For right now, a simple google search for "Nessus Essentials" will still bring up the correct page ( www.tenable.com/products/nessus/nessus-essentials ). Thanks for letting me know!

@@JonGoodCyber I’ll check it out later today thanks for post. By the way do you know how I can do network scans legally? Any suggestions? I’m trying to learn this for Cybersecurity before I get entry level.

The best strategy of systems to scan is to build a home lab (see my videos on this). Never scan systems that you don't own or have written permission (contract) from the owner.

Per Google, "Root is the superuser account in Unix and Linux. It is a user account for administrative purposes, and typically has the highest access rights on the system."

Thanks for sharing! There are certainly ways to automate a lot of things but for example, it doesn't always make sense to allow a tool like Metasploit on a network, especially if you aren't conducting a penetration test. Also, I believe you mean Armitage.