Vulnerability management using Nessus

Description

Using Nessus Essentials for vulnerability management, we scan a Windows 10 VM for the vulnerabilities present on it and then try to remediate them.

Tools Used

Nessus Essentials
Windows 10 VM deployed in VirtualBox

Procedure:

Set up a VM in VirtualBox with Windows 10 and a bridged adapter network setting
[Screenshot: VirtualBox]
Test connectivity using the PING command from the host machine to the VM (you might need to allow ICMP echo requests through the Windows firewall, or disable the firewall)

Create a new Basic Network Scan in Nessus
[Screenshot: New Scan]
Add the IP address of the VM, save, and launch the scan

Non-Credentialed Scan Results
[Screenshot: Scan Result 1]

Credentialed Scanning

We need to change some settings in the VM before the credentialed scan (since the system is not domain-joined):
1. Enable the Remote Registry service in services.msc, so that remote hosts (the scanner) can read the registry to look for vulnerabilities
[Screenshot: Remote Registry]
2. Turn on Network Discovery and File and Printer Sharing in Control Panel
3. Set UAC (User Account Control) to Never Notify (never do this in production)
[Screenshot: UAC]
4. Add a registry value to allow the remote account to connect (this further relaxes UAC for remote connections)

In the Registry Editor, go to Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System, add a DWORD named LocalAccountTokenFilterPolicy and set its value to 1

[Screenshot: Registry]
Restart the VM, then add the credentials under the scan's Configure option in Nessus
[Screenshot: Registry]
Run the scan again and wait for the results
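As an added example (not part of the original write-up), the PowerShell below applies steps 1, 2 and 4 of the preparation above on the lab VM and, just as importantly, reverts them once the scan is done, because LocalAccountTokenFilterPolicy=1 leaves the VM's local admin accounts usable with a full token over the network. The -Revert switch, the state file path and the choice to disable the firewall groups on revert are assumptions of this script, not Nessus or Windows options.

```powershell
# Added example, not code from the write-up: run from an elevated PowerShell
# prompt on the Windows 10 VM. Without -Revert it applies the pre-scan settings
# and records what they were; with -Revert it restores the recorded state.
# Step 3 (UAC slider) is left to the Control Panel UI as in the procedure.
param([switch]$Revert)

$PolicyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$ValueName = 'LocalAccountTokenFilterPolicy'
$Groups    = @('Network Discovery', 'File and Printer Sharing')
# Assumed location for the saved pre-scan state.
$State     = Join-Path $env:ProgramData 'nessus-lab-prescan.json'

if (-not $Revert) {
    # Record the values we are about to change so they can be put back exactly.
    $svc = Get-Service -Name RemoteRegistry
    $before = @{
        RemoteRegistryStartType = $svc.StartType.ToString()
        TokenFilterPolicy       = (Get-ItemProperty -Path $PolicyKey -Name $ValueName `
                                       -ErrorAction SilentlyContinue).$ValueName
    }
    $before | ConvertTo-Json | Set-Content -Path $State

    # Step 1: Remote Registry so the scanner can read registry keys remotely.
    Set-Service -Name RemoteRegistry -StartupType Manual
    Start-Service -Name RemoteRegistry
    # Step 2: Network Discovery and File and Printer Sharing firewall rule groups.
    foreach ($g in $Groups) { Enable-NetFirewallRule -DisplayGroup $g }
    # Step 4: let the local scan account receive a full admin token remotely.
    New-ItemProperty -Path $PolicyKey -Name $ValueName -PropertyType DWord -Value 1 -Force | Out-Null
    Write-Host "Pre-scan settings applied; rerun with -Revert when the scan has finished."
}
else {
    $before = Get-Content -Path $State -Raw | ConvertFrom-Json
    Stop-Service -Name RemoteRegistry -ErrorAction SilentlyContinue
    Set-Service -Name RemoteRegistry -StartupType $before.RemoteRegistryStartType
    # The lab VM had these groups off before the scan, so revert disables them.
    foreach ($g in $Groups) { Disable-NetFirewallRule -DisplayGroup $g }
    if ($null -eq $before.TokenFilterPolicy) {
        # The value did not exist before, so remove it rather than set it to 0.
        Remove-ItemProperty -Path $PolicyKey -Name $ValueName -ErrorAction SilentlyContinue
    } else {
        Set-ItemProperty -Path $PolicyKey -Name $ValueName -Value $before.TokenFilterPolicy
    }
    Write-Host "Pre-scan settings reverted."
}
```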
Credentialed Scan Results
[Screenshot: Scan 2]
Assessed Threat
[Screenshot: Threat]
Remediation
[Screenshot: Remediation]
To lower the risk we must apply these remediations. Inside an organisation, we should start with third-party patching, followed by OS patching, deploying updates frequently after first testing them in a test environment.