Professional Documents
Culture Documents
Step 1 Criteria Weight
Step 1 Criteria Weight
CSOL-570-01-SP20
Assignment 4 – Scanning for Vulnerabilities
Step 1
Criteria Weight
This tool must provide reporting 25
features to visually depict the results
of the vulnerability scan.
The tool must have a robust database 25
of known vulnerabilities and provide
administrators the ability to stay up to
date to test for new vulnerabilities.
The tool must be free open-source 20
software that includes free online
documentation and resources.
The tool must be compatible with the 20
CVE program.
The tool must be simple to use and 10
easy to analyze the results.
Total 100
Step 2
The above table lists out the set of criteria which will be used to evaluate two different
vulnerability scanning tools. These vulnerability scanning tools are NESSUS and Nikto, which are
both free and open-source applications. Nikto does have the ability to produce reports that
explain the vulnerabilities in several different formats, (HTML, CSV, XML, etc.). However, the
reports that Nikto produced do not provide any graphics or charts, which are useful when
discussing the vulnerabilities with management. Nikto can perform comprehensive tests against
web servers for over 6700 potentially dangerous files/programs. Nikto does have a robust
database of known vulnerabilities, which is updated often, but Nikto is mainly used to scan for
vulnerabilities in web servers and software. This limited functionality is one of the main
negatives for Nikto, as it can not scan for vulnerabilities in other servers such as database or
exchange servers. The next item on the criteria is being compatible with the CVE program,
which Nikto is not. Lastly, the last piece of criteria is that the tool must be simple to use and
easy to analyze results, which Nikto seems to be.
Nessus has the ability to produce very detailed reports of the scans that are performed.
Additionally, these reports have the ability to produce visuals such as pie charts and bar graphs.
This is a very good feature since these reports can often be used during meetings with upper-
level management to provide an overview of the state of the network without having to
analyze detailed, low-level reports. Nessus does have a robust database of known
vulnerabilities and can scan for a wide variety of vulnerabilities such as web servers, database
servers, various, software applications, and many common vulnerabilities and exposures (CVEs).
The online documentation was much more detailed for Nessus, and their online user guide has
over 400 pages of information to get install and configure Nessus on a server. Additionally,
Nessus has many scanner templates that fall into three categories: discovery, vulnerabilities,
and compliance. These templates provide administrators with an easy way to get started using
Nessus. Nessus is also compatible with the CVE program, which is important since it is able to
scan for this database of known vulnerabilities. Lastly, Nessus is simple to use at a basic level,
and the reporting features make it easy to analyze the results.
Step 3
After evaluating both Nikto and Nessus, the decision was made to move forward with the
evaluation of Nessus. Using the criteria in the table from step 1, Nikto scored a 64/100 and
Nessus scored a perfect 100/100. The main issues with Nikto were that it was not compatible
with the CVE program, lacked the ability to produce visuals in its reports, and is tailored
specifically for scanning vulnerabilities in web servers.
Step 4
For this step, I installed Nessus onto my Kali-VM virtual machine. There are multiple options for
Nessus, but for this assignment, since there are few virtual machines in the lab environment,
Nessus home was a suitable option since it is free. I installed the Nessus .deb file from
Tenable.com and saved it onto my Kali-VM.
To install Nessus I used the dpkg -i command:
Once the service was started, I was able to access the web interface of Nessus
In order to use Nessus, I had to register my email and obtain an activation code
After I entered the activation code, Nessus began to initialize on my Kali-VM system. The
initialization process took around 40minutes for me, but once it was done I was able to sign into
the Nessus web console successfully. Next, I began to familiarize myself with the Nessus web
interface and created a new scan.
There are many predefined scans to choose from which fall under the categories of Discovery,
Vulnerabilities, and Compliance. For this assignment, I chose to initiate a Basic Network Scan.
For this scan, I simply entered some basic information and provided the range of the private
LAN subnet of my virtual lab environment.
After this step, I ran into errors with the Nessus program and I kept on receiving ‘Corrupt
Database’ errors. It turns out that the underlying issue was with storage. When I created a scan,
it filled up the root ‘/’ directory.
To resolve this issue, I was going to increase the storage space of the / directory, but I realized
that I missed an important part during the installation. The hardware requirements to run
Nessus were larger than I thought.
At this point, I created a new Kali Linux virtual machine names Kali-VM2 and made sure to
provide it more resources, (4 cores, 4GB of memory and a 70GB hard disk). I configured this
new virtual machine to use the same NAT network as the other VMs and ran through the
previous installation steps to install Nessus.
Overall, I was impressed with the Nessus tool. I was able to configure it in under an hour and
the web interface was very easy to comprehend and analyze the results of the basic scan.
Additionally, there are many other pre-defined scanning templates to use.