Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Using Nessus from outside the firewall

Posted on 2008-06-17
5
1,259 Views
Last Modified: 2013-11-08
My company is having a thorough pen test done in August but I have been asked to conduct one before then so we have an idea where we are until then.  I have read a lot about Nessus, nmap and other tools that can be used.  I have downloaded Nessus, but I'm a little uncertain as too how it needs to be configured in order to test our network from the outside and then where to go from there.  I've read that it is a client/server config - does this mean I need a server set up on the inside of the firewall?  Does nessus do security scanning on network equipment or the servers behind the equipment?  the documentation didn't help me too much - maybe it's just me :)

We are using Cisco's ASA5510 and there are about 7 servers being nat'd thru.  I just want to make sure the ASA is doing what it's supposed to along with the servers.

Anyway... any help with this would be greatly appreciated!

Thanx!
0
Comment
Question by:mirick
  • 2
  • 2
5 Comments
 
LVL 9

Accepted Solution

by:
craigothy earned 150 total points
ID: 21805488
Nessus is a client/server application but you can run both components on the same machine.  The windows based installation installs both components on the same box by default.  If you wanted to run a scan against your public IP range from outside the firewall you would just position your nessus scanner machine outside your ASA and then scan your public IP range.  This will test your security posture from the perspective of someone coming in through the Internet.
0
 
LVL 7

Assisted Solution

by:mabutterfield
mabutterfield earned 100 total points
ID: 21805692
I would recommend loading up both components on a laptop and run the scan from inside the firewall first.  Nessus is a Vulnerability Assessment tool, not a penetration testing tool.  By running from inside the firewall, you'll get a better idea of where your vulnerabilities are.  You'll then have a chance to fix the vulnerabilities before the pen test.

You can also run the test from both inside, and outside the firewall, then compare the results.  This will give you a good idea of what vulnerabilities you may have, but the firewall is blocking.  

Keep in mind that if one server is compromised from outside, that server can be used to attack other servers, where the firewall is useless.  This is why I recommend performing at LEAST an internal scan.

0
 

Author Comment

by:mirick
ID: 21806622
Thank you both!  That is very helpful.

So I have run the scan... while its scanning, it says scan in progress.  After a few minutes, it flips over to the report tab.  It shows the date/time and the scan I selected to run, and there apears to be absolutely nothing in the report.  Is this good?  

Also - if Nessus is for vulnerabilities, what should be used for penetration testing???
0
 
LVL 7

Expert Comment

by:mabutterfield
ID: 21806658
you have to tell it to run the report, it will generate it and export it to one of several formats.  You'll RARELY find NO vulnerabilities.  Either way, the report won't be blank.

pen testing can be done with a number of different tools, freeware is available such as metasploit.  Commercial programs are available, but VERY expensive.  Core Impact is the best one that I've seen.
0
 

Author Comment

by:mirick
ID: 21806892
Excellent... I finally feel like I have a place to start.

Thanks to you both!
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question