How To Install Tenable Nessus Vulnerability Scanner On Kali Linux 2023

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello guys welcome back to another video in today's video we're going to be installing nessus also known as tainable it's a vulnerability scanner I'm going to be installing this quickly onto my Cali machine which I'm going to be integrating with my lab that I'm running in my house so I just wanted to make a quick video on me installing that and today is Thanksgiving so I just want to wish everyone a Happy Thanksgiving and to you and your loved ones and all that good stuff so if you guys are ready for the video Let's jump into it all right so here we are on my Cali machine so you know the deal please like subscribe and share I think I forgot to say that but I'm almost at 50,000 so let's get to there and we're going to have some fun at that Milestone I still can't believe I'm almost at 50,000 subscribers and I know there's people like John Hammond just hit a million subscribers so I don't know John if you ever watch my videos but if you do congratulations on that Milestone dude you're you're killing it so keep up the good work one day I'll be like you no I'm just kidding but um so what I want to do here is install tainable on my Cali box and you we can download it we can just go right to Google tainable Linux and we can go right to the downloads page here and we can use this curl command so I want to do that quickly I'm just going to copy that hopefully that copied and I want to paste that here and of course I didn't do that let's see if I can just copy it all here and try to paste that okay it did here we go so now it pasted that so if I do an LS we can see that it's here so now we just have to uh use the um now we just have to uh take the package and download it right so D whoops p and then we're going to do a Dashi and then that's this all right so now this is going to go ahead and un unpackage that or install it or whatever you want to call it so now you it's installed it downloaded it unpackaged it setting it up and all that good stuff everything is good everything passed so that's a good sign if we come all the way down here you can start the service by typing bin system CTL start service so let's go ahead and do that really quick I want to go ahead and just paste that here okay whoops did I do something wrong uh um let's see what did I do did I do anything system ATL all right let's just let's try this really quick let's do Pudo bin SL system CTL start [Music] service that's really strange uh then go to so let me try give me one second let's do this really quick bin and then let's go to system C bin right Let's do an LS really quick let's see if we can see this system there's a lot here system right there system let's just do this LS GP system CTL it's there all right so let's just go system CTL start right there there and then nessus USD uh there we go all right let's it enter here fail to not found that's really weird it says it's there let's go ahead and just let's just see if we can just go to this URL let's copy this and just go right to it see if we uh get any luck no it is St that's really strange okay I don't know that's really weird if you guys right into that too just let me know but everything is working and we I guess we can see that the the process is started which I don't understand but anyhow all right so let's go ahead and continue here and register for Essentials I already skipped this I have a code where is my code let me get to my code pictures snapshots and right here so I want put this on another screen really quick let me make this bigger so I can see it all right perfect so let me just put this in BLS Dash I don't know if I can I copy this no can't copy that all right so let's go ahead and just type it in XC WF Dash 7da -9 B BC all right it's fine my username I'm using name it infos Pat and my fany password let's save it that's fine all right so it's going to go ahead and download the plugins and all that good stuff and once this is installed excuse me once that's installed I want to go ahead and except that over there once this is installed what I'm going to do is I'm going to set up a quick scan and I'm going to go ahead and scan one of the machines in my network so let's go ahead and just do this really quick um we can come here and forget about that that's really weird so I going to do is going to do an ARP scan DL and see what's in my network and I'm just going to you know this is my local network that's running in my house and and that's all good in the hood you guys can see what whatever you want to see so what I want to do here is I want to scan it against one of my what is this machine if config I don't even know my IP am I at no I'm at 21 all right so I don't know what this is is I'm not sure but 250 is my hu Packer my my server so I can probably run it against that let's try to make sure I can ping it make sure it's up I think it's up guess it actually responded all right cool so let's just come back here all right so let's create a new scan why can't I do a new scan let's go ahead and go to settings really quick and system health no scans scan alerts I guess this is just still doing its thing still updating or whatever so once this this is done doing its updating comp so it's about 15% so we'll let that do its thing and then we'll resume once this is done all right everyone so once this the compiling updates and everything like that I refresh my screen so now we can put some Targets in here to scan so what I'm going to do is I'm going to go ahead and put 192 168 50 do what was that IP address I wanted to scan 250 right so I'll just do 250 for now okay submit that let's just go ahead and it's going to discover see if there's any DNS so let that scan and we're going to go ahead and run so that's the first machine let's go ahead and run scan and this is going to just do a basic quick scan right so you can actually go in and do different kinds of scans right you can go he let's go back to basic scan it's going to go ahead and just run a quick scan so let's go to all scans we have basic and we can do new scans we can do different policies obviously you can create new policies the plug-in rules and let's go ahead and while this scan is going let's just look around right so you can update your software so you know all you know update all the components we can do manual updates I just updated mine so mine is pretty pretty up to date and you can see the advance you can see scanning all the settings all the identifiers all the values of all the scans you can see logging making sure all everything is good performance security miscellaneous right proxy servers if you connecting to any proxies SN uh SMTP for any mail custom CA so if you have a certificate uh you can post that here here this is just a lab so I don't have any password management you can go ahead and set up a password manager this is pretty much where I you know uh stay and make sure all my health my scanners are good so obviously I have I don't remember how much RAM I have allocated I think 16 gigs so we can see 404 Megs are utilized one scan so we'll just you know you can look you can look around see what's uh what's happening on your machine uh this failed to resolve any uh DNS that's fine because I don't have DNS on that machine the network any alerts obviously I have one alert notifications so at 11 what is now it's 11:36 so you know we had some errors uh plugins are done complying and all this stuff so the whole the whole update took about 15 minutes I think so let's go back to scans this is probably going to run and take some time but as you can see like it has 13 in in information let's just click on that we can see the information ones so we'll let this do its thing we'll let this scan and resume once it's done all right thank you all right so that took I don't know 21 minutes it says so that's not bad so now we can see the host is done scanning we can see 26 vulnerabilities one history which is the scan from today so the vulnerabilities is 26 there's one critical obviously it is running esxi on that so let's go ahead and click into that and see what the what the vulnerability is it's VMware ESX esxi unsupported version detection so what does this mean this is saying because you know the one I published excuse me the the version I'm running published many years ago I'm running 67 I don't even know if 67 came out in 2011 let me see when did uh 6.7 come out was it 2011 uh end of life so the end of life it is end of life but when did it actually come out this was I have no idea I'm not sure so I guess just because it's end of life I don't know when it was actually published that I don't know so the solution is to upgrade the version to the current uh upgrade the version VMware to the current supported version which is 8 or seven so right now we're running 67 the EOL which is end of life was was in 2022 so supported seven so it's saying pretty much update my esxi server and maybe I'll do that maybe I won't so we can go back and we can see okay the next one here let's go ahead and click on the next one critical so there's a crossy scripting the solutions to apply the patches pretty much to patch it up I I knew this one was vulnerable that's why I wanted to scan this host so we can see that there's some mixed let's go ahead and just see uh SSL certificate not trusted because it's the self-signed certificate and you guys get the gist so what is the point of doing a vulnerability scan so if you're in house on a network you can run nessis rapid 7 qualis just to make sure you're hardening your systems for a pentester perspective we can run this and see what is exploitable how can we let leverage these vulnerabilities to our advantage or just you know give this information to the client to have them Harden their systems right so that's pretty much what I use it for like if I'm running it on my home network which I'm going to use this to run on my home network it's just going to go ahead and see what's outdated to make sure everything is hardened up to date and if you're running this in a environment for pen testing if you're a consulting firm and you're running qualis or rapid 7 attainable or whatever uh uh vulnerability scanner you're running it's just you know to inform you that you're outdated and to do your patching so that's super critical to have so that's pretty much wraps up this video I showed you guys how to install it I know we had that little hiccup in the in the beginning but it worked I'm not sure what's going on with that maybe it was just a hiccup and we set up a scan we made sure everything is up to date and we look at the results I don't want to go through every single result you can do that whenever you scan your network but I hope this been informative for you guys if you have any questions feel free to leave it in the description below and again Happy Thanksgiving have an awesome day

Info

Channel: InfoSec Pat

Views: 6,092

Rating: undefined out of 5

Keywords: pentester day in the life, tenable, how to install nessus, how to, install, tenable full episodes, tenable nessus vulnerability scanner, tenable vulnerability management, how to install kali linux, how to scan for vulnerable systems, infosec pat, cybersecurity

Id: fyR98bHTbok

Channel Id: undefined

Length: 15min 18sec (918 seconds)

Published: Thu Nov 23 2023