Running your first scan using NessusWX

• Download and save the self-extracting version of NessusWX for Intel platforms
  from http://nessuswx.nessus.org/ to a temp directory on your hard drive.
  (nessuswx-1.4.4-install.exe, 1413KB in size);
• Double-click NessusWX-1.4.4-install.Exe to start the installation process;
• If using XP SP2 you may be prompted with a warning message that the publisher
  could not be verified, click <Run>
• At the "Welcome to the Installation Wizard" screen click <Next>
• At the "License Agreement" screen read the license terms, check "Yes, I agree
  with all the terms of this license agreement", click <Next>;
• At the "Destination Folder" screen enter the desired location for NessusWX, or
  accept the default of C:\Program Files\NessusWX, click <Next>;
• At the "Setup Type" screen select "Binaries Only", or if you wish the source files
  included select "Binaries & Source", click <Next>;
• At the "Program Group" screen select the desired program group, or leave at the
  default of NessusWX, click <Next>;
• At the "Ready to Install the Program" screen click <Next>;
• At the "Installation Complete" screen click <Ok>.

• Upon executing NessusWX you will be prompted with the "Settings" screen,
  "General" tab,requesting database directory information. By default NessusWX
  uses C:\NessusDB to storescan result. The database location can be a network
  drive if you wish to store results on a network drive for security purposes.
  Select the defaults value or change to the desired directory, click <Ok>
• If the directory you selected does not exist, you will be prompted with a
  creation message, click <Yes>
• Select "Communications/Connect" menu option
  • Change the default Server "Name", from the default 127.0.0.1, to the
    desired Nessus server;
  • Change the default Server "Port Number", from 1241, to the desired Nessus
    server port if needed;
  • By default, NessusWX selects TLSv1 as encryption option;
  • Select "Authentication by Password" radio button;
  • Check save password checkbox;
  • Change the default Authentication "Login" value to your Nessus login name;
  • Enter your Nessus login name password, click <Connect>
  • You will be prompted with New Server Certificate window displaying the
    Nessus server certificate information, click <Accept & Save>

• Make sure you are acting within your authority. Most companies have strict
  policies about who can perform vulnerability scanning and on what equipment.
  Acting outside your authority with a vulnerability scanner could lead to your
  dismissal;
• Absent Nessus server based rules that limit what IP ranges you can test, obtain
  written permission on what you are and are not permitted to perform
  vulnerability test on;
• Vulnerability scanning can leave equipment in an unstable state. This is
  practically true if performing Denial of Service tests and/or testing systems are
  very poorly configured. Nessus vulnerability scanning is normally not destructive
  and rebooting the affected equipment will return it to the correct operational
  state;
• NessusWX has a selection for "Safe checks" that disables the most dangerous
  scripts from executing and instead relies on banners information to determine
  vulnerability rather than exploiting the real flaw. However, it is still possible
  to leave equipment in an unstable state;
• If your company uses an intrusion detection system, performing vulnerability
  scanning on the network will most likely trigger intrusion alerts. Vulnerability
  scanning is very "noisy" and easily detected by most intrusion detection
  systems;
• If you are performing vulnerability scans across the internet verify your ISP will
  not object, that your scanning will not trigger their intrusion detection system,
  and request documentation concerning scanning polices and rules that you
  must follow;
• Exercise common sense when performing vulnerability scans. For example,
  it’s most likely not a good idea to run a Denial of Services test on your core
  router during normal business hours;
• NEVER SCAN EQUIPMENT THAT YOU ARE NOT EXPRESSLY AUTHORIZED TO SCAN.
  Doing so could result in lawsuits, bad press, jail, ISP termination, and
  unemployment just to name a few. Running a Denial of Services test against
  your competitor’s web site for example, will most likely result in several unwanted
  events occurring once you and your company are identified as the cause.

• Click menu selection Session/New;
• You will be prompted to enter a session name or accept the default of "Session1".
  Enter "First Scan", leave "Define additional properties" checked, click <Create>;
• At the "Session Properties - Test Scan", click the "Targets" tab, then
  click <Add>;
• At the "Add Target" screen you have the option of entering a single host, a
  subnet, or IP range depending on scanning needs. For our test session, select a
  single IP address and enter the IP or Host name of your workstation, click <Ok>;
• Click <Apply>.
• Click the "Options" tab:
  • Change "Maximum simultaneous" default value if needed;
  • Change "Security checks per host" default value if needed;
  • "General scan options/Enable plugin dependencies". Nessus uses many plugins
    (tests) that require the use of other plugins to operate correctly. Checking
    this box permits Nessus to automatically enable dependencies as needed.
    For our test scan, "Enable plugin dependencies" should be checked;
  • "General scan options/Do reverse DNS lookups" simply performs a DNS lookup
    on the target to determine the host name. For our test scan, check "Do
    reverse DNS lookups";
  • "General scan options/Safe checks". As stated previously, Safe Checks
    disables the most dangerous scripts from executing and instead relies on
    banner information to determine vulnerability rather than exploiting the real
    flaw. For our test scan, leave "Safe checks" checked;
  • "General scan options/Optimize the test" lets Nessus avoid all apparently
    irreverent tests. For example, tests will not be conducted for web site unless
    a web site is detected. For our test scan, leave "Optimize the test" checked;
  • "General scan options/Resolve unknown services" will permit Nessus to resolve
    any unknown services that may be operating on the system. For our test
    scan, leave "Resolve unknown services" checked;
  • "Path to CGI’s". Nessus has the ability to check for generic CGI vulnerabilities
    that may be present. For our test scan, leave "Path to CGI’s" at the default
    of "/cgi-bin";
  • "Interface options" permits you to limit the results that are displayed on the
    screen while scanning is occurring. For our test scan, leave both items
    unchecked to display the maximum amount of information;
  • Click <Apply>.
• Click the "Port scan" tab:
  • "Port range to scan" permits you to enter the ports Nessus will scan. For our
    test scan, we will use the default of "Privileged ports (1-1024)";
  • "Port scanners" permits the use of a wide range of port scanners depending
    on your needs. For our test scan, leave the default of "Ping the report host"
    and "tcp connect scan" checked.
  • Click <Apply>.
• Click the "Connection" tab will permit you to enter and store specifics about the
  Nessus server to be used for the session. Since we are currently connected to
  a specific Nessus server, no need exists to enter this information for our test
  scan;
• Click the "Plugins" tab:
  • To test for system vulnerability we must enable plugins. Check the "Use
    session-specific plugin" checkbox. You will notice that currently "0 plugins
    currently are selected for execution";
  • Click the "Select plugins" button to display the "Plugin List" screen. For our
    test scan, click the "Enable All" button, click <Yes>, when prompted with
    "Do you wish to enable all port scanners as well", click <Close>. You will
    notice that 2400 or so plugins are now selected for execution;
  • Click <Apply>.
• Click the "Comments" tab and input any remarks you have concerning this session
  or its settings, then click <Ok> to save your Session;