?
Solved

Using Nessus from outside the firewall

Posted on 2008-06-17
5
Medium Priority
?
1,266 Views
Last Modified: 2013-11-08
My company is having a thorough pen test done in August but I have been asked to conduct one before then so we have an idea where we are until then.  I have read a lot about Nessus, nmap and other tools that can be used.  I have downloaded Nessus, but I'm a little uncertain as too how it needs to be configured in order to test our network from the outside and then where to go from there.  I've read that it is a client/server config - does this mean I need a server set up on the inside of the firewall?  Does nessus do security scanning on network equipment or the servers behind the equipment?  the documentation didn't help me too much - maybe it's just me :)

We are using Cisco's ASA5510 and there are about 7 servers being nat'd thru.  I just want to make sure the ASA is doing what it's supposed to along with the servers.

Anyway... any help with this would be greatly appreciated!

Thanx!
0
Comment
Question by:mirick
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 9

Accepted Solution

by:
craigothy earned 600 total points
ID: 21805488
Nessus is a client/server application but you can run both components on the same machine.  The windows based installation installs both components on the same box by default.  If you wanted to run a scan against your public IP range from outside the firewall you would just position your nessus scanner machine outside your ASA and then scan your public IP range.  This will test your security posture from the perspective of someone coming in through the Internet.
0
 
LVL 7

Assisted Solution

by:mabutterfield
mabutterfield earned 400 total points
ID: 21805692
I would recommend loading up both components on a laptop and run the scan from inside the firewall first.  Nessus is a Vulnerability Assessment tool, not a penetration testing tool.  By running from inside the firewall, you'll get a better idea of where your vulnerabilities are.  You'll then have a chance to fix the vulnerabilities before the pen test.

You can also run the test from both inside, and outside the firewall, then compare the results.  This will give you a good idea of what vulnerabilities you may have, but the firewall is blocking.  

Keep in mind that if one server is compromised from outside, that server can be used to attack other servers, where the firewall is useless.  This is why I recommend performing at LEAST an internal scan.

0
 

Author Comment

by:mirick
ID: 21806622
Thank you both!  That is very helpful.

So I have run the scan... while its scanning, it says scan in progress.  After a few minutes, it flips over to the report tab.  It shows the date/time and the scan I selected to run, and there apears to be absolutely nothing in the report.  Is this good?  

Also - if Nessus is for vulnerabilities, what should be used for penetration testing???
0
 
LVL 7

Expert Comment

by:mabutterfield
ID: 21806658
you have to tell it to run the report, it will generate it and export it to one of several formats.  You'll RARELY find NO vulnerabilities.  Either way, the report won't be blank.

pen testing can be done with a number of different tools, freeware is available such as metasploit.  Commercial programs are available, but VERY expensive.  Core Impact is the best one that I've seen.
0
 

Author Comment

by:mirick
ID: 21806892
Excellent... I finally feel like I have a place to start.

Thanks to you both!
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question