Ethical Hacking

A complete overview of Nessus  * What is NESSUS Nessus is a remote security scanning tool, which scans a computer and raises an alert if it discovers any vulnerabilities that malicious hackers could use to gain access to any computer you have connected to a network.  It does this by running  checks on a given computer, testing to see if any of these attacks could be used to break into the computer or otherwise harm it. *   What can NESSUS do ? It can scan for  Vulnerabilities that could allow unauthorized control or access to sensitive data on a system Misconfiguration (e.g. open mail relay) Denials of service (Dos) vulnerabilities Default passwords, a few common passwords, and blank/absent passwords on some system accounts *   How does  NESSUS Work  ? Each computer has thousands of ports, all of which may or may not have services (ie: a server for a specific high-level protocol) listening on them.  Nessus works by testing each port on a computer, determining what service it is running

 1) Make sure that your kali has the following setting in the following way 2) open kali and type the following command in the terminal to check ip address and copy it or remember it  the command is "ifconfig" 3) type the following command to start snort installation  sudo apt-get install snort 4) type your ip range as required 5) go to snorts directory and create a backup of the snort.conf as we will edit it soon  to create backups use the following commands  "cp snort.conf snort.conf.back" 6) we create another backup for the snort file to edit  using the command "cp snort.conf test_snort.conf" 7) we edit with a file editor i am using nano and put your ip range  using the command  sudo nano test_snort.conf 8) test your snort changes using the following command  the command is "sudo snort -T -i eth0 -c /etc/snort/test_snort.conf" 9) now we define our new rules  10) then we test it again using the command in step 8 11) then we start using our snor