Skip to main content

Section 8.3 Lab: Scanning with Nessus

In this lab we will be downloading the Nessus vulnerability scanner and using it to scan a machine. Click here to register for an activation code and receive a link to download Nessus essentials.
 1 
www.tenable.com/products/nessus/nessus-essentials
Once you have installed the latest version of Nessus for your OS and completed the registration move on to the next steps.

Note 8.3.1.

Nessus runs a web interface on localhost with a self-signed certificate, so you will need to accept it to continue.
Run ipconfig on a Windows device or ifconfig on a Mac to find your Wifi adapter IP address. Exchange IP addresses with a friend (you will scan each other) and put your friend’s IP into the Welcome to Nessus Essentials dialog. When you click Next Nessus will begin the host discovery step, making sure that the IP address you put in actually corresponds to an active host. Click the checkbox next to the host once it shows up in Host Discovery and run the scan. You’ll notice the status is Running while the scan is being performed.

Question 8.3.2.

Once the scan is complete, take a look at the summary of vulnerabilities in the Hosts tab. How many non-info vulnerabilities are there in each category (Low, Medium, High, Critical)?

Question 8.3.3.

Take a screenshot of the Vulnerabilities tab once the scan is complete.

Question 8.3.4.

Pick two vulnerabilities and describe them in your own words. What mitigation steps could you take to eliminate these vulnerabilities?
You have attempted 1 of 1 activities on this page.