1 00:00:00,150 --> 00:00:01,230 All right, welcome back, everyone. 2 00:00:01,260 --> 00:00:05,730 This is Rick's List and let's get started with Nessus Scanner. 3 00:00:06,090 --> 00:00:15,180 All right, so let me open my virtual little box and give you the OK. 4 00:00:15,390 --> 00:00:22,680 So as we as I promise our lab will be having a lot of companies from Windows 10 machine to Windows servers, 5 00:00:22,680 --> 00:00:30,240 which will be having DNS and DCB running into IT services basically, and Web servers as well, which 6 00:00:30,240 --> 00:00:30,990 is this. 7 00:00:30,990 --> 00:00:33,260 This is the DNS and DSP servers running. 8 00:00:33,630 --> 00:00:37,670 This is our calling machine, which we won't be using much for. 9 00:00:37,680 --> 00:00:41,060 The scanner will be making use of database scanner as well. 10 00:00:41,140 --> 00:00:45,000 Let it's down into the database servers. 11 00:00:45,450 --> 00:00:54,330 Let me turn up the Windows Web Server, ASBA, but we need it and we need to have our what exactly we 12 00:00:54,330 --> 00:00:58,270 need is we need to log into our scan, OK? 13 00:00:58,590 --> 00:01:04,290 And what you need to do is, first of all, get to a Windows machine or maybe any machine. 14 00:01:04,750 --> 00:01:14,670 OK, usually being in if you look at my ethical hacking course, I made use of Unix Linux distribution 15 00:01:14,670 --> 00:01:20,340 basically for performing the Nessa's scanning, the one already scanning because we're being to the 16 00:01:20,340 --> 00:01:26,220 Enterprise Network, will be making use of Windows Machine most of the time because that's what you 17 00:01:26,220 --> 00:01:28,580 would be aware of a bit. 18 00:01:28,860 --> 00:01:32,370 So what do you what you can start with this. 19 00:01:32,730 --> 00:01:37,850 You can simply go and go and download the new scanner for that. 20 00:01:37,860 --> 00:01:42,330 What you can do is you can just download. 21 00:01:42,990 --> 00:01:45,690 And once you do that, you get the first link. 22 00:01:46,750 --> 00:01:52,710 The topmost result, and from there you just have to mention your first name, last name and your email 23 00:01:52,710 --> 00:01:59,490 address moment, you click get started, you get the activation key for this. 24 00:01:59,910 --> 00:02:04,450 Now, once you do that, you will have to you will get an option for download as well. 25 00:02:04,860 --> 00:02:13,890 So either once you fill up this form, you get to the download section or you can also search here as 26 00:02:13,890 --> 00:02:15,060 well for download. 27 00:02:15,060 --> 00:02:17,490 Nessus Essential. 28 00:02:19,720 --> 00:02:26,710 And this would also be helpful for reach out to the download page here, you can search for Windows. 29 00:02:28,630 --> 00:02:35,860 You are for 64, but operating system, you can download this option and once you agree and download 30 00:02:35,860 --> 00:02:40,720 it on your system for 32, but you can go for this, you agree and get downloaded. 31 00:02:41,200 --> 00:02:44,740 Now, this is not necessary, not just for windows. 32 00:02:44,750 --> 00:02:47,650 You can even have it in the operating system. 33 00:02:47,650 --> 00:02:49,960 You can download it on your beento machine. 34 00:02:50,470 --> 00:02:54,280 You can have it for any any system. 35 00:02:54,280 --> 00:02:55,340 Mac OS as well. 36 00:02:55,510 --> 00:03:02,500 This you can see it is even available for callisthenics system to once it's done, once the system is 37 00:03:02,500 --> 00:03:10,900 downloaded, you can click on open file and just go with whatever you ask for and go next, next, next. 38 00:03:11,620 --> 00:03:16,770 And once you are done with all the stuff, just once again I think we lost. 39 00:03:16,780 --> 00:03:17,960 OK, here we are. 40 00:03:18,220 --> 00:03:24,940 So once we get this software, you just keep doing the next and at the end it might take some time and 41 00:03:25,540 --> 00:03:29,710 the browser will automatically open up on on a board. 42 00:03:30,740 --> 00:03:40,130 On our Web browser, where you just either you type in Manolete localhost, localhost, who's aged three, 43 00:03:40,190 --> 00:03:43,670 four, OK, and this is where Nessus get connected. 44 00:03:44,000 --> 00:03:52,490 And once you do that, it will ask you to connect SSL and it will ask you to either either get the license 45 00:03:52,490 --> 00:03:53,870 or you can skip it. 46 00:03:54,080 --> 00:04:02,270 And straight away enter the enter the license fee that you received on your email while when you have 47 00:04:02,420 --> 00:04:04,250 initially done the registration. 48 00:04:04,790 --> 00:04:08,030 Right, so that when you get the key, you just enter it. 49 00:04:08,480 --> 00:04:15,180 And once you are done with all the stuff you can do this option, of course, you also have to create 50 00:04:15,180 --> 00:04:16,400 the username and password. 51 00:04:16,820 --> 00:04:23,270 Now, this is the free rarin you can access around 18, you can scan around 18 licenses. 52 00:04:23,630 --> 00:04:25,850 This is completely a free system. 53 00:04:26,270 --> 00:04:30,130 So this is how the dashboard really looks like. 54 00:04:30,440 --> 00:04:36,450 And here you get an option for importing any file or new folders or new scan. 55 00:04:36,470 --> 00:04:38,940 That's what we would be interested about. 56 00:04:39,290 --> 00:04:46,370 We get to see all type of scan from postholes discovery where you can discover all the most basic networks 57 00:04:46,370 --> 00:04:49,430 can advance, scan, advance, dynamic scan. 58 00:04:49,610 --> 00:04:54,150 This is what you would be making use of once you are in the organizations. 59 00:04:54,530 --> 00:05:00,220 That application desk is pretty much popular when it comes to the when it comes to the organization, 60 00:05:00,230 --> 00:05:03,380 when it comes to the scanning the Web application itself. 61 00:05:04,190 --> 00:05:07,790 Now, there are many, many these are all free. 62 00:05:07,790 --> 00:05:10,640 And for them you don't really have to do. 63 00:05:11,230 --> 00:05:14,800 You have to purchase any commercial license. 64 00:05:14,900 --> 00:05:22,550 But for the rest of them, for compliance, for audit cloud infrastructure, where you can scan your 65 00:05:22,550 --> 00:05:26,240 adjure GCP or maybe the cloud as well. 66 00:05:26,240 --> 00:05:30,320 For that, you might need the upgrade for internal PCI networks. 67 00:05:30,340 --> 00:05:36,920 And this is those victimises three point two, which is the latest version besides a scan immediately 68 00:05:36,920 --> 00:05:43,460 for the organization who either manages or store credit card or any kind of payment, got information 69 00:05:43,460 --> 00:05:44,510 in their organization. 70 00:05:45,080 --> 00:05:52,640 In that case, they have to perform quarterly scan and then submit it for, you know, submit to the 71 00:05:52,640 --> 00:05:53,150 ASV. 72 00:05:53,150 --> 00:06:00,650 Is QSA basically who are the external auditor and who comes and then organization to submit those reports. 73 00:06:01,040 --> 00:06:08,840 And in that situation, it becomes a mandatory if they don't do that and then they fall under some bad 74 00:06:08,840 --> 00:06:09,250 ideas. 75 00:06:09,270 --> 00:06:13,430 But there are many other MDM configured config audit. 76 00:06:13,460 --> 00:06:17,150 This is mainly for organizations who have mobile device management. 77 00:06:17,810 --> 00:06:25,160 And if, let's say there are, we allow employees to access organizational resources from the mobile 78 00:06:25,160 --> 00:06:25,900 phone as well. 79 00:06:26,180 --> 00:06:29,780 In that case, we can perform those audit as well. 80 00:06:29,780 --> 00:06:37,010 And it becomes really crucial at the PCI quarterly external that just the one that I talked about, 81 00:06:37,010 --> 00:06:45,350 this is the quarterly scan that we perform through PCI and Policy Compliance Audit and many other as 82 00:06:45,350 --> 00:06:45,690 well. 83 00:06:45,710 --> 00:06:46,040 Right. 84 00:06:46,310 --> 00:06:48,870 So these are something which requires the upgrade. 85 00:06:48,890 --> 00:06:53,700 There are some scan which is pretty free of cost, which you can also perform. 86 00:06:53,730 --> 00:06:59,540 Want to cry ransomware, scan across your network, shadow broker's scan and many more. 87 00:06:59,770 --> 00:07:06,170 OK, this is something which has been pretty much popular in the in the meantime, where the Intel EMV 88 00:07:06,170 --> 00:07:13,400 security bypass scan was very much into, you know, in the news, many organizations were impacted 89 00:07:13,400 --> 00:07:14,130 because of this. 90 00:07:14,900 --> 00:07:17,290 So that's all about it. 91 00:07:17,300 --> 00:07:22,730 And if I give you an idea about how the setting really looks like, you get a license, name, license, 92 00:07:22,730 --> 00:07:27,310 host utilization, that's where you get to see how many license you can make use. 93 00:07:27,440 --> 00:07:28,740 OK, 16, sorry. 94 00:07:29,210 --> 00:07:35,630 And then you have advance option where you can have the how you can decide how your user interface could 95 00:07:35,630 --> 00:07:40,140 really look like you can enable the logging option, performance security as well. 96 00:07:40,370 --> 00:07:47,330 You can even have proxy servers in between so that your scanner will not be directly scanning the system. 97 00:07:47,480 --> 00:07:52,550 There will be a server in between and through which all these scan would really go to. 98 00:07:52,670 --> 00:07:59,690 OK, if you want to make use of any proxy server, you have to you have to enter the credential, the 99 00:07:59,690 --> 00:08:05,910 IP address of the proxy servers board you are talking on maybe usually on AT&T. 100 00:08:06,290 --> 00:08:07,190 That's the support number. 101 00:08:07,190 --> 00:08:11,630 Then you have to mention or enter the user name and password as well as some server. 102 00:08:11,840 --> 00:08:12,560 If you want. 103 00:08:12,710 --> 00:08:20,390 Your scanner should send an e-mail about every status that the scan has been completed. 104 00:08:20,400 --> 00:08:21,760 We have found some errors. 105 00:08:22,040 --> 00:08:27,830 There are this is the report, quarterly report, all the stuff you if you want, all those data comes 106 00:08:27,830 --> 00:08:30,020 to your mailbox or the. 107 00:08:30,350 --> 00:08:37,010 Important people are the stakeholders, and you can make use of some customs here, you can. 108 00:08:37,520 --> 00:08:43,460 What do you see currently direct signs which ensure that while in order to access it, it's it's an 109 00:08:43,460 --> 00:08:49,310 insecure because we don't have a certificate upload it, that my browser is not able to trust this software 110 00:08:49,310 --> 00:08:50,000 at this moment. 111 00:08:50,840 --> 00:08:53,280 So because it's got to be localhost it right. 112 00:08:53,300 --> 00:08:56,240 It's not a browser based or online application. 113 00:08:56,240 --> 00:08:58,970 It's currently it's currently a kind of server. 114 00:08:59,330 --> 00:09:01,820 You know, what you are making use of. 115 00:09:01,820 --> 00:09:04,630 It is a necessary word which is running on your system. 116 00:09:04,910 --> 00:09:06,620 So in fact, declined. 117 00:09:06,620 --> 00:09:12,890 And the server is currently on the same system at this moment and the server is not really having any 118 00:09:12,890 --> 00:09:13,550 certificates. 119 00:09:13,910 --> 00:09:21,620 So in order to make sure it is trusted, you can actually make use of certificates and then submit it 120 00:09:22,070 --> 00:09:28,010 usually in the enterprise network, how the system looks like usually in those in moment, that is a 121 00:09:28,010 --> 00:09:32,180 dedicated server and that's where the Nessus software will be installed. 122 00:09:32,330 --> 00:09:39,890 And Windows Server, nothing is really, you know, it is not really meant for any general purpose use 123 00:09:40,730 --> 00:09:45,050 so everybody can come and then access to the server and start scanning this. 124 00:09:45,350 --> 00:09:45,680 Right. 125 00:09:45,830 --> 00:09:49,520 And this situation would be taking a dedicated system. 126 00:09:49,520 --> 00:09:51,470 But in our case, we go to lab. 127 00:09:51,650 --> 00:10:00,200 So we are making our own system to be installed for necessary server and password management scanner. 128 00:10:01,040 --> 00:10:06,540 So this is where you get get to see what's the scanning and then everything notification option as well. 129 00:10:06,980 --> 00:10:09,080 This is how the scanner really looks like. 130 00:10:09,470 --> 00:10:14,570 And from the next session on what will be getting started with this scanning is. 131 00:10:14,570 --> 00:10:16,160 But thank you so much.