
Discovering Vulnerabilities with Nessus

When diving deep into cybersecurity, it’s paramount to equip oneself with the right tools and techniques. In a recent endeavor, I explored the vulnerabilities in a Windows VM using Nessus. Here’s a comprehensive look into my process.

1. Prepping the Windows VM for Vulnerabilities

Before launching Nessus, I wanted to make my Windows 10 VM more vulnerable to mimic real-world scenarios where systems may be poorly maintained or outdated:

  1. Paused Security Updates: By stalling security updates for 30 days, I effectively created a window where the system was susceptible to potential threats.
  2. Removed Current Updates: Via the ‘View Installed Updates’ window, I stripped the system of its most recent updates.
  3. Disabled Windows Defender Firewall: For Nessus to function optimally, I had to turn off the firewall. It’s crucial to note that disabling the firewall opens the gates for potential threats, so this step is strictly for testing purposes.

2. Setting the Stage with VirtualBox Network Settings

To ensure smooth sailing, I tailored the network settings of my VirtualBox. This step is pivotal for precise communication between the VM and Nessus.

3. Getting Started with Nessus Essentials

  • Sign-up: I used a temporary email from temp-mail.org for my sign-up. (Tip: Handy for avoiding spam!)
  • Download & Activation: Downloading Nessus was straightforward, though the activation did eat up close to an hour of my time. Remember to paste the activation code during setup and to skip the offline registration.

4. Diving Into Nessus Scanning

With Nessus ready to go, I embarked on my vulnerability scanning:

  1. Basic Scan: Aimed at detecting open ports, potential vulnerabilities, and offering an optional malware scan. However, my initial attempts yielded no vulnerabilities. A quick check revealed that I was using an incorrect IP. A quick fix and voila, results were evident! Fun fact: Port 445, notorious among cyber criminals, was the portal for the devastating WannaCry attack!
  2. Credentialed Scan: This scan demanded slight tweaks on the VM server. After necessary registry changes and a system restart, the outcome? An even higher vulnerability count.
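To see exactly which findings the credentialed scan adds over the basic one, rather than only a higher total, the two scans can be exported in Nessus's `.nessus` (XML) format and diffed. The script below is an added example, not part of the original write-up; the two embedded exports are constructed samples, and the host address, plugin IDs and plugin names in them are placeholders.

```python
import xml.etree.ElementTree as ET
from collections import Counter

SEVERITY = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

# Constructed sample exports (not real scan output). 192.0.2.10 is a
# documentation address; plugin IDs and names are placeholders.
BASIC = """<NessusClientData_v2><Report name="basic">
<ReportHost name="192.0.2.10">
<ReportItem port="445" svc_name="cifs" protocol="tcp" severity="0" pluginID="1001" pluginName="SMB service detected"/>
<ReportItem port="445" svc_name="cifs" protocol="tcp" severity="2" pluginID="1002" pluginName="SMB signing not required"/>
</ReportHost></Report></NessusClientData_v2>"""

CREDENTIALED = """<NessusClientData_v2><Report name="credentialed">
<ReportHost name="192.0.2.10">
<ReportItem port="445" svc_name="cifs" protocol="tcp" severity="0" pluginID="1001" pluginName="SMB service detected"/>
<ReportItem port="445" svc_name="cifs" protocol="tcp" severity="2" pluginID="1002" pluginName="SMB signing not required"/>
<ReportItem port="445" svc_name="cifs" protocol="tcp" severity="4" pluginID="1003" pluginName="Missing Windows security update"/>
<ReportItem port="0" svc_name="general" protocol="tcp" severity="3" pluginID="1004" pluginName="Outdated browser installed"/>
</ReportHost></Report></NessusClientData_v2>"""

def load_findings(xml_text):
    """Map (host, port, pluginID) -> (severity, pluginName) for one export."""
    # Parse only exports from your own scanner; use defusedxml for untrusted XML.
    findings = {}
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            key = (host.get("name"), int(item.get("port")), item.get("pluginID"))
            findings[key] = (int(item.get("severity")), item.get("pluginName"))
    return findings

def severity_counts(findings):
    """Count findings per severity label, including labels with zero hits."""
    counts = Counter(SEVERITY[sev] for sev, _ in findings.values())
    return {label: counts.get(label, 0) for label in SEVERITY.values()}

def only_in_second(first, second):
    """Findings present in the second scan only, highest severity first."""
    new = [(sev, key, name) for key, (sev, name) in second.items() if key not in first]
    return sorted(new, key=lambda f: (-f[0], f[1]))

if __name__ == "__main__":
    basic, cred = load_findings(BASIC), load_findings(CREDENTIALED)
    print("basic:       ", severity_counts(basic))
    print("credentialed:", severity_counts(cred))
    for sev, (host, port, pid), name in only_in_second(basic, cred):
        print(f"+ [{SEVERITY[sev]}] {host}:{port} plugin {pid} {name}")
```

The same diff works for comparing a scan taken before installing extra software with one taken after, which shows what each change actually contributed.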

5. Introducing Additional Vulnerabilities

To challenge Nessus further, I introduced older versions of Chrome and a Minecraft server to the VM. After ensuring the system configuration staved off automatic updates and disabling internet browsing, I was a tad disappointed by the number of vulnerabilities detected. Nonetheless, it provided insight into how different software can impact a system’s security landscape.

In Retrospect

This hands-on experience not only gave me a deeper understanding of Nessus but also shed light on the importance of regular updates and stringent security measures. While the VM was a controlled environment, it’s a stark reminder that out in the wild, threats lurk in every corner, waiting for an unpatched system or an open port.

For those keen on cybersecurity, Nessus offers a brilliant platform to experiment and learn. If you’re looking to dive deeper, you can access Nessus and other resources here.

Remember, in the realm of cybersecurity, knowledge is your armor and vigilance, your weapon. Stay curious and stay safe!