Nessus vulnerability, Computer Network Security

Assignment Help:

You see two IP addresses. The IP address 192.168.58.130 is the one of Bt4. The IP address 192.168.58.133 has ports 135 and 445 open; which indicates that it is a Windows machine. So the Nmap scan shows that the WinXP system has IP address 192.168.58.133.

Next, I used the Nessus vulnerability scanner to scan WinXP for vulnerabilities. First, I started the Nessus server; by left clicking on its icon and then on the Start Nessus Server box. The Nessus server opened port 8834 and wait for a connection; sometimes it may take the server a couple of minutes to open this port. Then, I started my browser, connected to https://localhost:8834, and provided my username and password. The first time, my system did not recognize the certificate of Nessus and generated a warning message. I ignored it and accepted the certificate. If you use Bt5, check steps 6,7,8,9,10 of Nessus-Bt5 URL; of the Project URL. At the top of the Nessus window there are three tabs: Reports, Scans, Policies. I left-clicked on Policies, and then on +Add. The Add Policy window opened that enables defining a scanning policy. That is, which hosts and ports should be scanned as well as what vulnerabilities checks should be conducted. Nessus provides a lot of flexibility in specifying what Nessus must do. I used the default Nessus policy which is also very effective. So in the Name box, I simply typed Karvelas and in the Description box I typed "WinXP-SP2 Vulnerability Analysis". Then, I clicked on Next at the bottom right corner of the Nessus window. The next screenshot shows the Nessus settings. Note that if you use the Nessus of BT5, then in order to see (and click) Next, you must first expand the VMware Player to occupy all the screen of your host operating system. You can do this by left-clicking on the box at the right corner of the top bar of the VMware player which is located above the date and time.


Related Discussions:- Nessus vulnerability

Programming, For this assignment you will create a program called MMWordFix...

For this assignment you will create a program called MMWordFix (Multi-Mode WordFix). This program prompts the user to select one of three word filters (uppercase, lowercase, encryp

Determine the functions of security components, You are designing a Demilit...

You are designing a Demilitarized zone for a large corporation. Using design best practice, and the information that you have learned so far, propose a design that will provide the

What is network address translation, Question: (a) What is Network Add...

Question: (a) What is Network Address Translation (NAT)? Why is it used? (b) Given a following information by your ISP about your newly acquired Frame Relay connection:

Risk control strategies-risk management, Risk Control Strategies Once th...

Risk Control Strategies Once the ranked vulnerability risk worksheet has created, they should choose one of following 4 strategies to control each risk: •    Apply safeguards wh

Cost accounting, ?Examples should include direct costs items, indirect cost...

?Examples should include direct costs items, indirect costs items, as well as variable costing. ?What are at least 5 types of expenses that are associated with manufacturing the

Mention most relevant clause of iso 27001:2005, QUESTION (In this ques...

QUESTION (In this question, you will need to use the ISO 27001:2005 and ISO 27002:2005 standards) For each of the situations below, comment on the following: 1. Mention

Find the possible deciphering transformations, Question: (a) A string o...

Question: (a) A string of ciphertext was enciphered using an a±ne transformation of single letters in a 28-letter alphabet consisting of A to Z, a blank and a?, where A to Z ha

Hardware trojan detection, how to form the trojan integrated cirucit and wh...

how to form the trojan integrated cirucit and what are the tools are used to simulate the ciruit to our system and how to pass it as input to the clustering algorithm to get the ou

Threads and attacks-information security, THREADS AND ATTACKS Threat is ...

THREADS AND ATTACKS Threat is an object, person, or other entity which represents a constant danger to an asset. To make sound decisions about information security, management s

Hashing, Hashing is the transformation of a string of characters into a g...

Hashing is the transformation of a string of characters into a generally shorter fixed-length key or a value that presents the original string. Hashing is used to index and retri

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd