Versions Compared

Version Old Version 13 New Version 14
Changes made by

Rebecca.Dewey

Rebecca.Dewey

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Wiki Markup
{composition-setup}deck.startHidden = false{composition-setup}
Tufts' Nessus service is available at [https://infosec-scan.uit.tufts.edu/]. Please note that the S in HTTPS is required.

Please take a moment to familiarize yourself with the [optional steps|Target Preparation] you may wish to take to prepare your systems to be scanned. 

h1. Scan Process
{deck:id=Process|effectType=fade}
\\
{card:label=1. Log in}
\\
{section}
{column:width=50%}{center}

!Screen shot 2013-05-31 at 11.36.39 AM.png|thumbnail,border=1,width=300200!

{center}\\  {column}\\  {column:width=50%}

{center}\\  {column}\\  {column:width=50%}
* Log in, click "Scans," and click "Add." The scan configuration screen will appear.{column}\\  {section}
\\
{card}
\\
{card:label=2. Configure}\\
{section}{column:width=50%}

!Step4bScreen shot 2013-05-31 at 11.41.24 AM.png|border=1,width=300!

{center}

{center}\\  {column}\\  {column:width=50%}
* Configure the scan:
*# Assign a name to the scan for your own reference
*# Select "Run Now" to start the scan as soon as soon as you're finished with its configuration
*# Select the "AllDefault TCPTufts PortsScan" policy to use the most common scan policy
*## Decide whether to include an ICMP ping before scanning each host (e.g., scanning a whole subnet) or not to ping, and assume that all hosts are live (e.g., scanning a few hosts you know are live)
*# List the target(s): 
by single IP address (e.g., 192.168.0.1) 
by IP range (e.g., 192.168.0.1-192.168.0.255) 
by subnet with CIDR notation (e.g., 192.168.0.0/24) 
or by resolvable host (e.g., www.nessus.org). 
*Only scan hosts you own or control. You are responsible for the results of your scans.*{column}\\  {section}
\\
{tip:title=Target File}
Alternatively, create and upload a reusable "Targets File" using ASCII text encoding with one host or CIDR network per line and no extra spaces or lines{tip}
\\
{card}
\\
{card:label=3. Launch}
\\
{section}{column:width=50%}{center}
!Step5
!Screen shot 2013-05-31 at 11.46.37 AM.png|border=1,width=300!

{center}\\  {column}\\  {column:width=50%}
* Click "LaunchRun Scan." The scan will start and Nessus will display a progress meter based on the number of IPs which have been scanned.{column}\\  {section}
\\
{card}
\\
{card:label=4. Run}
\\
{section}{column:width=50%}{center}
!Step6done
!Screen shot 2013-05-31 at 11.48.28 AM.png|thumbnail!border=1,width=300!
{center}\\  {column}\\  {column:width=50%}
* Allow the scan to run. When it's complete, it will move from the Scans section to the Reports section.{column}\\  {section}
\\
{card}
\\
{card:label=5. Open Report}
\\
{section}{column:width=50%}{center}
!Step7c
!Screen shot 2013-05-31 at 11.49.07 AM.png|thumbnail,border=1,width=200!
{center}\\  {column}\\  {column:width=50%}
* Click Reports, select the report for your scan, and click Browse. This will display a list of the target hosts for this scan. Click on a host to view its results.{column}\\  {section}
\\
{card}
\\
{card:label=6. Analyze Each Host}
\\
{section}{column:width=50%}{center}

!Step7dScreen shot 2013-05-31 at 12.02.26 PM.png|thumbnail,border=1,width=200!
{center}\\  {column}\\  {column:width=50%}
* Click a host name or IP address to open its results. This will display a list of the open ports found on the host. Click on a port number to view the information collected for that port.
* Click the scan name to return to the list of hosts in the scan.{column}\\  {section}
\\
{card}
\\
{card:label=7. Analyze Each Port}
\\
{section}{column:width=50%}{center}
!Step7e.png|border=1,width=300!
{center}\\  {column}\\  {column:width=50%}
* Click on a port to see the results of the analysis of that port.{column}\\  {section}
\\
{section}{column:width=50%}{center}
!Step7f.png|border=1,width=300!
{center}\\  {column}\\  {column:width=50%}
* Click on a plugin/analysis to see the vulnerability assessment for that port. Determine whether it's a problem that needs to be remediated, or just an informational notice.
* Click the host name to return to the list of ports for that host.{column}\\  {section}
\\
{tip:title=Questions?}
If in doubt, don't hesitate to [ask Information Security|Support Request] for assistance analyzing these results.{tip}
\\
{card}
\\
{deck}
\\

h1. Remediation and Re-Scanning

Once you've analyzed the results of your scan, you can select the issues you want to remediate, fix them, and then re-scan. The results relating to those issues should not not appear in the new scan.