1
00:00:10,240 --> 00:00:17,350
Let us continue with vulnerability assessment in Nessus. In the last video, we saw how to download

2
00:00:17,350 --> 00:00:22,440
and configure Nessus, and in this video we will start creating a Nessus policy.

3
00:00:23,080 --> 00:00:27,010
So in this video, you will learn the overview of Nessus.

4
00:00:27,280 --> 00:00:35,170
We will learn how to create a network policy and configure a network policy for scanning. Different types

5
00:00:35,170 --> 00:00:41,140
of scanning on the target reveal that open ports and services might be running on the target.

6
00:00:41,710 --> 00:00:42,280
Next step

7
00:00:42,280 --> 00:00:48,310
should be vulnerability scanning to detect possible vulnerabilities of the system in a targeted network.

8
00:00:48,880 --> 00:00:52,480
How to launch Nessus? After installing Nessus,

9
00:00:52,480 --> 00:00:56,500
you may get a client in the form of the default web browser.

10
00:00:57,070 --> 00:01:03,190
Open that on your desktop and log in with the credentials you had given at the time of installing Nessus.

11
00:01:03,820 --> 00:01:06,640
Once you sign in, it will load Nessus.

12
00:01:08,410 --> 00:01:10,900
This lab will give you a real-time experience of

13
00:01:11,140 --> 00:01:17,050
how security experts use this tool for performing penetration tests and their scanning.

14
00:01:18,130 --> 00:01:25,210
So these are your account settings. If you want to change your password, you can change it from here. Vulnerability

15
00:01:25,210 --> 00:01:32,150
scanning is a type of security assessment activity performed by security professionals on the home network.

16
00:01:32,710 --> 00:01:35,880
It helps in finding possible network vulnerabilities.

17
00:01:36,820 --> 00:01:40,080
So let us start creating a network policy.

18
00:01:40,990 --> 00:01:46,660
If you have faced any problems in downloading and installing Nessus, you can ask us during the mentorship

19
00:01:46,660 --> 00:01:47,230
sessions.
20
00:01:51,830 --> 00:01:52,310
Now,

21
00:01:54,190 --> 00:01:56,890
let us start creating a network policy.

22
00:01:58,150 --> 00:02:04,990
These are the types of scanners, and these are the details about Nessus which we are using: license

23
00:02:04,990 --> 00:02:07,750
utilization, version, software update.

24
00:02:07,780 --> 00:02:09,120
You can update it from here.

25
00:02:09,610 --> 00:02:12,500
And this is the master password, proxy server.

26
00:02:12,520 --> 00:02:19,000
There's a lot. This is really a wonderful tool which is used by most of the penetration testers and

27
00:02:19,000 --> 00:02:20,100
security experts.

28
00:02:20,500 --> 00:02:23,670
It is also used in auditing and much more.

29
00:02:28,770 --> 00:02:34,880
So you can see that Nessus only used 20 MB of memory and the load is right now zero.

30
00:02:35,430 --> 00:02:42,390
So let us start creating the first policy. You can see the New Policy button.

31
00:02:42,660 --> 00:02:43,320
Click there.

32
00:02:43,680 --> 00:02:45,810
And there are numerous policies available:

33
00:02:46,110 --> 00:02:55,200
Host Discovery, Basic Network Scan, Advanced Policy, Advanced Dynamic Scan, Malware Scan, Credentialed

34
00:02:55,200 --> 00:02:57,730
Patch Audit, Web Application Tests.

35
00:02:57,930 --> 00:03:06,660
So just by seeing this, you can see the overuse of Nessus and how Nessus is important in doing pentests.

36
00:03:07,770 --> 00:03:13,890
To add a new policy, click the Policies button; in the Resources menu will appear the policies.

37
00:03:14,610 --> 00:03:19,380
So the Nessus policy window will open and then you have to create a new policy.

38
00:03:21,840 --> 00:03:27,660
The screen which you are seeing right now is known as the policy template. The policy general

39
00:03:27,660 --> 00:03:29,860
settings with basic policy settings

40
00:03:29,880 --> 00:03:33,150
will appear after we select a certain policy.
41
00:03:37,020 --> 00:03:40,830
For this lecture, we are going to select the Advanced Scan policy.

42
00:03:45,420 --> 00:03:52,500
In Advanced Scan, the policy general settings will appear with the Basic setting type. Specify the policy

43
00:03:52,500 --> 00:03:56,040
name in the Name field, and give a description about the policy

44
00:03:56,040 --> 00:04:01,830
if you want. I will give it a description and the name of Advanced Network Scan Policy.

45
00:04:02,490 --> 00:04:08,900
The description field is used at the time of actual penetration testing to specify the functionalities

46
00:04:08,910 --> 00:04:10,560
of this particular policy.

47
00:04:12,600 --> 00:04:18,150
I won't be wasting much time in giving the description. You can give a description, whatever you want,

48
00:04:18,420 --> 00:04:20,150
or you can just leave the field blank.

49
00:04:22,770 --> 00:04:27,950
Any changes to the Nessus scanner configuration affect all the Nessus users.

50
00:04:28,140 --> 00:04:36,060
So make sure you edit these options very carefully. In the Settings field, select Host Discovery from

51
00:04:36,060 --> 00:04:41,600
the Discovery dropdown button and turn off the "Ping the remote host" option.

52
00:04:41,940 --> 00:04:43,910
You have to turn it off.

53
00:04:44,100 --> 00:04:53,790
Do not turn it on. In the Port Scanning setting type, check the verify TCP open ports found by the local

54
00:04:53,790 --> 00:04:54,960
port enumerators.

55
00:04:54,960 --> 00:04:59,310
You have to turn it on and leave the other fields with default options.

56
00:05:00,000 --> 00:05:06,570
Go to Service Discovery and keep it as it is. In the Settings

57
00:05:06,570 --> 00:05:11,100
field, select Report and do not alter any options in this setting

58
00:05:11,100 --> 00:05:18,600
type. In the Settings, we will select Advanced, and the policy general settings appear with advanced settings.
59
00:05:18,600 --> 00:05:28,230
Set the values of max number of concurrent TCP sessions per host and max number of

60
00:05:28,230 --> 00:05:37,410
concurrent TCP sessions per scan to unlimited, as you can see me doing on the screen. Now, to configure the

61
00:05:37,410 --> 00:05:40,500
credentials of the new policy, click the Credentials tab.

62
00:05:40,950 --> 00:05:44,910
The policy credentials window will appear with the Windows credentials.

63
00:05:45,630 --> 00:05:48,000
It is displayed, as you can see on the screen.

64
00:05:49,590 --> 00:05:54,990
If you want this policy to be hidden from outsiders, you can specify a username and password.

65
00:05:55,470 --> 00:05:58,050
But make sure that you remember this password.

66
00:06:03,960 --> 00:06:11,460
We are done here; 80 percent of the job is almost done. Now, to select the required plugins, click the

67
00:06:11,460 --> 00:06:12,200
Plugins tab.

68
00:06:12,600 --> 00:06:15,690
But for this scan, we won't require any plugins.

69
00:06:16,110 --> 00:06:21,090
But if you are really interested, you can go to tenable.com and read more about plugins.

70
00:06:21,660 --> 00:06:27,330
These plugins are really essential while scanning different websites and databases.

71
00:06:27,480 --> 00:06:32,860
As you can see, Cisco plugins, databases and Musong plugins and much more.

72
00:06:33,210 --> 00:06:39,240
In this way you can select the required plugins, but for this scan you do not require any plugin.

73
00:06:39,570 --> 00:06:41,950
So please click the enable buttons.

74
00:06:41,970 --> 00:06:46,470
I will now click the disable button to disable all of the policies and plugins.

75
00:06:48,940 --> 00:06:54,550
So now what you have to do after this, you have to just click the button to save everything.
76
00:06:56,880 --> 00:07:03,120
A "policy saved successfully" pop-up will appear and the policy is added in the policy window, as you

77
00:07:03,120 --> 00:07:04,620
can see on the screen right now.

78
00:07:06,910 --> 00:07:14,260
Now, click Scans to open the My Scans window, and in the next lecture, we will see how to create

79
00:07:14,260 --> 00:07:15,040
a new scan.

80
00:07:16,650 --> 00:07:23,340
And in the User Defined section, we will see the scan or the policy which we have just created.

81
00:07:23,370 --> 00:07:23,980
There you go.

82
00:07:24,030 --> 00:07:26,490
You can see Advanced Network Policy.

83
00:07:26,820 --> 00:07:35,230
And here we have to create a new scan by naming the new scan Advanced Network Scan. Description:

84
00:07:35,250 --> 00:07:36,830
I will just give them a scan.

85
00:07:37,350 --> 00:07:38,270
And there we go.

86
00:07:38,280 --> 00:07:45,150
We are to enter the target IP address and Nessus will start scanning the website or the target IP address

87
00:07:45,390 --> 00:07:47,100
for vulnerabilities.