How to run a basic vulnerability scan on your datacenter Linux servers with Nessus

Are you sure your Linux servers in your data center are free from vulnerabilities? Otherwise, you need to scan them immediately. Jack Wallen shows you how to do it with Nessus.

Image: Mark Agnor / Shutterstock

Nessus is one of those tools that every network, system, and security administrator should have at their fingertips. Once up and running, you can easily set up scans to check your datacenter servers to make sure everything is up and running. And knowing whether or not your systems are suffering from vulnerabilities is one of the most difficult parts of your job.

Fortunately, Nessus scans are incredibly easy to perform. They take a while, but the process of initiating a scan shouldn’t take you long.

Nessus must be installed and functional. I covered this process in How to Install the Nessus Vulnerability Scanner on Rocky Linux. So be sure to follow this guide to have an instance of Nessus ready to use.

Let’s move on to the scan.

SEE: Kubernetes: A Cheat Sheet (Free PDF) (TechRepublic)

How to set up a scan in Nessus

Log in to your instance of Nessus. We will first run a basic network scan. Click New Analysis in the upper right corner of the window. In the resulting screen (Figure A), select Basic Network Scanning.

Figure A

nessusscanb.jpg

You have a few scanning options with the Nessus Essentials package.

In the next window (Number B), you must first give the scan a name (which can be any human-readable name) and a target (either an IP address or a fully qualified domain name).

Number B

nessusscansc.jpg

Setting up a basic scan with Nessus.

Since this is a basic scan, you won’t need to configure any credentials, so just click Save and your scan is ready to run.

How to run the new analysis in Nessus

You should end up on the saved scan list. Click the Run button (arrow pointing to the right) associated with the analysis you have just created (Figure C).

Figure C

nessesscand.jpg

Our analysis is saved and ready to run.

Start the scan and sit back and wait for the results or move on to another task. The baseline scan should take between 5 and 20 minutes. When done, you can click on it to view all the vulnerabilities it discovered (Number D).

Number D

nessusscansf.jpg

Our basic analysis has a lot to report on Ubuntu Server 20.04.

After running the scan on an updated Ubuntu 20.04 server, Nessus returned to report no vulnerabilities of concern. However, running Nessus on my Pop! _OS 21.04 desktop came back with a slightly different story (Encrypted).

Encrypted

nessusscansg.jpg

Nessus found vulnerabilities in SSL and SMB.

A Rocky Linux scan returned with a pair of critical vulnerabilities and several high vulnerabilities (Figure F).

Figure F

nessusscansh.jpg

Rocky Linux had several issues that should be immediately resolved.

If you see a label marked Mixed, be sure to click on it so that it shows all of the different vulnerabilities associated with that particular package. And if Nessus does find any vulnerabilities, be sure to fix them immediately, otherwise your datacenter servers are at risk. If you perform an upgrade on the server hosting Nessus, you may lose connection to the analytics platform. If this happens, you will need to restart the Nessus daemon with the command:

sudo systemctl restart nessusd

And that’s all there is to running a basic vulnerability scan with Nessus. Next time, we’ll dive into more complicated analyzes. Until then, keep checking for vulnerabilities in these datacenter servers. Make a habit of it, otherwise these vulnerabilities can infiltrate and leave your systems open to attack.

Also look

Source link

About Jon Moses

Check Also

DH2i will discuss “How to Solve the High Availability Conundrum for a Containerized SQL Server” at Data Saturday # 13

FORT COLLINS, Col., October 6, 2021 / PRNewswire / – DH2i®, the leading provider of …

Leave a Reply

Your email address will not be published. Required fields are marked *