Are you sure your Linux servers in your data center are free from vulnerabilities? Otherwise, you need to scan them immediately. Jack Wallen shows you how to do it with Nessus.
Nessus is one of those tools that every network, system, and security administrator should have at their fingertips. Once up and running, you can easily set up scans to check your datacenter servers to make sure everything is up and running. And knowing whether or not your systems are suffering from vulnerabilities is one of the most difficult parts of your job.
Fortunately, Nessus scans are incredibly easy to perform. They take a while, but the process of initiating a scan shouldn’t take you long.
Nessus must be installed and functional. I covered this process in How to Install the Nessus Vulnerability Scanner on Rocky Linux. So be sure to follow this guide to have an instance of Nessus ready to use.
Let’s move on to the scan.
SEE: Kubernetes: A Cheat Sheet (Free PDF) (TechRepublic)
How to set up a scan in Nessus
Log in to your instance of Nessus. We will first run a basic network scan. Click New Analysis in the upper right corner of the window. In the resulting screen (Figure A), select Basic Network Scanning.
In the next window (Number B), you must first give the scan a name (which can be any human-readable name) and a target (either an IP address or a fully qualified domain name).
Since this is a basic scan, you won’t need to configure any credentials, so just click Save and your scan is ready to run.
How to run the new analysis in Nessus
You should end up on the saved scan list. Click the Run button (arrow pointing to the right) associated with the analysis you have just created (Figure C).
Start the scan and sit back and wait for the results or move on to another task. The baseline scan should take between 5 and 20 minutes. When done, you can click on it to view all the vulnerabilities it discovered (Number D).
After running the scan on an updated Ubuntu 20.04 server, Nessus returned to report no vulnerabilities of concern. However, running Nessus on my Pop! _OS 21.04 desktop came back with a slightly different story (Encrypted).
A Rocky Linux scan returned with a pair of critical vulnerabilities and several high vulnerabilities (Figure F).
If you see a label marked Mixed, be sure to click on it so that it shows all of the different vulnerabilities associated with that particular package. And if Nessus does find any vulnerabilities, be sure to fix them immediately, otherwise your datacenter servers are at risk. If you perform an upgrade on the server hosting Nessus, you may lose connection to the analytics platform. If this happens, you will need to restart the Nessus daemon with the command:
sudo systemctl restart nessusd
And that’s all there is to running a basic vulnerability scan with Nessus. Next time, we’ll dive into more complicated analyzes. Until then, keep checking for vulnerabilities in these datacenter servers. Make a habit of it, otherwise these vulnerabilities can infiltrate and leave your systems open to attack.