Comment: Migration of unmigrated content due to installation of a new plugin

Tufts' Nessus service is available at https://infosec-scan.uit.tufts.edu/. Please note that the S in HTTPS is required.

Please take a moment to familiarize yourself with the optional steps you may wish to take to prepare your systems to be scanned.

Scan Process

1. Log in

  • Log in, click "Scans," and click "Add." The scan configuration screen will appear.



2. Configure

  • Configure the scan:
    1. Assign a name to the scan for your own reference
    2. Select "Run Now" to start the scan as soon as you're finished with its configuration
    3. Select the "Default Tufts Scan" policy to use the most common scan policy
      1. Decide whether to include an ICMP ping before scanning each host (e.g., scanning a whole subnet) or not to ping, and assume that all hosts are live (e.g., scanning a few hosts you know are live)
    4. List the target(s):
      1. by single IP address (e.g., 192.168.0.1)
      2. by IP range (e.g., 192.168.0.1-192.168.0.255)
      3. by subnet with CIDR notation (e.g., 192.168.0.0/24)
      4. or by resolvable host (e.g., www.nessus.org).


  Only scan hosts you own or control. You are responsible for the results of your scans.


Tip (Target File): Alternatively, create and upload a reusable "Targets File" using ASCII text encoding with one host or CIDR network per line and no extra spaces or lines.
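
A pre-upload check for such a Targets File, written here as an added example (not part of the original page and not Nessus code): it keeps only well-formed hosts and CIDR networks that fall inside a scope you own, and emits one per line as ASCII. `OWNED_NETS`, `OWNED_SUFFIXES`, the function names and the sample entries are assumptions for illustration; IP ranges are rejected because the tip lists only hosts and CIDR networks for files.

```python
import ipaddress
import re

# Constructed scope for illustration: networks and DNS suffixes you own or control.
OWNED_NETS = [ipaddress.ip_network("192.168.0.0/24")]
OWNED_SUFFIXES = (".example.edu",)
# Dot-separated labels of letters, digits and hyphens, no leading/trailing hyphen.
HOSTNAME = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)(\.(?!-)[A-Za-z0-9-]{1,63}(?<!-))*$")
INVALID = "not a valid IP address, CIDR network, or hostname"


def check_entry(entry):
    """Return None for a well-formed, in-scope target, else a reason string."""
    if not entry or entry != entry.strip() or not entry.isascii():
        return "blank line, extra spaces, or non-ASCII text"
    try:
        if "/" in entry:
            net = ipaddress.ip_network(entry)  # strict: host bits must be zero
            ok = any(net.version == o.version and net.subnet_of(o) for o in OWNED_NETS)
        else:
            ok = any(ipaddress.ip_address(entry) in o for o in OWNED_NETS)
        return None if ok else "outside owned networks"
    except ValueError:
        pass  # not an IP address or network; try it as a hostname below
    # A numeric last label means a malformed address or an IP range, not a hostname.
    if "/" in entry or entry.rsplit(".", 1)[-1].isdigit() or not HOSTNAME.match(entry):
        return INVALID
    if not ("." + entry.lower()).endswith(OWNED_SUFFIXES):
        return "hostname outside owned domains"
    return None


def build_targets_file(entries):
    """Return (file_bytes, rejected), where rejected maps entry -> reason."""
    accepted, rejected = [], {}
    for entry in entries:
        reason = check_entry(entry)
        if reason:
            rejected[entry] = reason
        elif entry not in accepted:  # drop duplicates, keep first-seen order
            accepted.append(entry)
    # One target per line, no blank or trailing line, ASCII bytes.
    return "\n".join(accepted).encode("ascii"), rejected


# Constructed sample input, not taken from a real scan.
SAMPLE = ["192.168.0.1", "192.168.0.0/25", "host1.example.edu", " 192.168.0.7",
          "192.168.0.5/24", "10.0.0.1", "www.nessus.org", "192.168.0.1-192.168.0.255"]
FILE_BYTES, REJECTED = build_targets_file(SAMPLE)
```

Hostnames are checked by name only; the check does not resolve them, so confirm that an accepted name still points at an address you control before scanning.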



3. Launch

  • Click "Run Scan." The scan will start and Nessus will display a progress meter based on the number of IPs which have been scanned.



4. Run

  • Allow the scan to run. When it's complete, it will move from the Scans section to the Reports section.



5. Open Report

  • Click Reports, select the report for your scan, and click Browse. This will display a list of the target hosts for this scan. Click on a host to view its results.



6. Analyze Each Host

  • Click a host name or IP address to open its results. This will display a list of the open ports found on the host. Click on a port number to view the information collected for that port.
  • Click the scan name to return to the list of hosts in the scan.



7. Analyze Each Port

  • Click on a port to see the results of the analysis of that port.


  • Click on a plugin/analysis to see the vulnerability assessment for that port. Determine whether it's a problem that needs to be remediated, or just an informational notice.
  • Click the host name to return to the list of ports for that host.


Tip (Questions?): If in doubt, don't hesitate to ask Information Security for assistance analyzing these results.




Remediation and Re-Scanning

Once you've analyzed the results of your scan, you can select the issues you want to remediate, fix them, and then re-scan. The results relating to those issues should not appear in the new scan.