Nessus – finding Linux-specific vulnerabilities
Nessus allows us to attack a wide range of vulnerabilities depending on our feed, and we will confine our list of assessing the vulnerabilities of our target to those specific to the type of information we seek to gain from the assessment. In this recipe, we will explore how to find Linux-specific vulnerabilities using Nessus. These are vulnerabilities specific to the machines that run Linux on our network.
Getting ready
To complete this recipe, you will need a virtual machine(s) to test against:
Metasploitable 2
Any other flavor of Linux
How to do it...
Let's begin the process of finding Linux-specific vulnerabilities with Nessus by opening the Mozilla Firefox web browser:
Log in to Nessus at
http://127.0.0.1:8834
.Go to Policies.
Click on Add Policy:
On the General tab, perform the following tasks:
Enter a name for your scan. We chose Linux Vulnerabilities but you can choose any name you wish.
Visibility has two options:
Shared: Other users have the...