Cybersecurity Vulnerability Management Project using Nessus

Suraj wani🛡️
8 min read · Aug 3, 2024

Project Overview:

  1. Environment Setup: I will start by setting up a virtual environment using VMware Workstation Player, simulating a Windows 10 system.
  2. Legacy Software Installation: Within the virtual machine, I will install deprecated software, mimicking potential real-world vulnerabilities.
  3. Vulnerability Scanning: Employing cutting-edge vulnerability scanning tools, I will systematically assess the virtual machine for security flaws and vulnerabilities.
  4. Risk Identification: I will analyze the results of the vulnerability scans, pinpointing potential risks and security weaknesses.
  5. Remediation: The most critical part of the project will involve addressing these vulnerabilities. I will prioritize and remediate one or two vulnerabilities, reducing their risk to an acceptable level.
  6. Self-Observation: Throughout this process, I will keenly observe and document the changes and improvements in the virtual environment’s security posture.

Project Goals:

  • Enhance my personal skills and understanding of vulnerability management.
  • Independently identify and remediate vulnerabilities in a controlled environment.
  • Develop proficiency in risk mitigation techniques.
  • Create a comprehensive project report that serves as a reference for future security assessments.

Upon the project’s completion, I expect to achieve the following:

  • Heightened awareness of the significance of vulnerability management.
  • Enhanced skills in assessing and remediating vulnerabilities.
  • A detailed project report that captures the vulnerabilities, remediation process, and observed outcomes.

This solo project is an essential step toward advancing my expertise in cybersecurity and equipping me with the ability to secure systems against potential threats. By exploring vulnerability management and practically applying remediation techniques on my own, I aim to fortify my cybersecurity capabilities and contribute to a safer digital environment.

Index

Resources

Setup Virtual Machine

  • Windows 10 installation
  • Ensure connectivity with our VM

Create a new scan in Nessus

  • Inspecting the first scan (no credentials)

Configuring VM for credentialed scans

  • First scan with credentials
  • Inspecting the credentialed results

Installing a deprecated Firefox on our VM

  • Inspect the credentialed results after installing Firefox

Remediating some Vulnerabilities

  • Inspect the credentialed results after remediation

Conclusion

Reference and Gratitude

Resources

I will provide the links to resources that you will need to follow along if you wish to do so:

I won’t be covering the installation process for Nessus and VMware, but you can follow the directions on your own; it’s fairly easy.

Setup Virtual Machine

  • Open your VMware Workstation (you can choose to use VirtualBox as well) and create a new virtual machine, as shown below.
  • Select the Windows 10 ISO you downloaded before and click on next.
  • Choose “Customize Hardware”.
  • I am opting to give the VM 4 GB RAM, 4 processors and 50 GB disk size. If you do not know your PC specs or have a weaker system, you can choose to leave the default selections.
  • Under “Network Adapters” go to “Network Connection” and select “Bridged”.
  • Bridged networking places the virtual machine on the same network as your physical computer, facilitating easier communication between your Nessus implementation and the virtual machine.
  • Now select “Configure Adapters” and uncheck VirtualBox Host-Only Ethernet Adapter. (Note: I don’t know if this is an option in all systems or if it is because I have VirtualBox installed as well but when I launched the VM and checked for an IP address, it didn’t have any and deselecting this fixed the issue for me.)
  • Click on “Finish” when done.

Windows 10 installation

  • For the Windows 10 installation, click on “Install Now”.
  • Select the “Windows 10 Pro” OS and select “Next”.
  • Select “Custom: Install Windows Only (advanced)”.
  • Select the drive you allocated in the beginning when setting up the VM with 50 GB disk size and wait for it to finish installing.
  • When asked to connect to the internet, select “I don’t have internet”.
  • Under Network select “Continue with limited setup”.
  • Set your username and password to anything you want but remember it since we will need it later.
  • Unselect everything under services.

Ensure connectivity with our VM

  • Wait for Windows to finish up installing and then open up your command prompt.
  • Now we will check the IP address using “ipconfig”.
  • Now navigate to Windows Defender Firewall with Advanced Security and turn off Domain Profile, Private Profile and Public Profile by selecting Windows Defender Firewall Properties.
  • Now on your main system, open command prompt and ping the VM with its IP address: “ping [IP address of VM].”

Create a new scan in Nessus

  • Now open Nessus Essentials (if this is your first time launching it, it will take some time to open) and start a new scan.
  • Now under “Vulnerabilities,” select “Basic Network Scan.”
  • Rename the scan to Windows 10 Single Host (or anything you want, really) and input the IP address of the VM into the target.
  • Now run the scan.

Inspecting the first scan (no credentials)

  • Once the scan is complete, you can see the host and the number of vulnerabilities, along with their severity.
  • Under Vulnerabilities, you can see a list of vulnerabilities with their severity and CVSS score. You can read more about them by clicking on them.

Configuring VM for credentialed scans

  • Navigate to “Services” on your VM, find Remote Registry, and change the “Startup type” to “Automatic.”
  • Now go to “User Account Control Settings” and turn the notification setting to “Never notify.”
  • Go to “Registry Editor” and navigate to Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System.
  • Create a new “DWORD (32-bit) Value”.
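  • Now name it “LocalAccountTokenFilterPolicy” and set its value to 1. This turns off UAC remote token filtering for local administrator accounts, so the scanner's remote logon receives a full administrative token.
  • Now move back to Nessus and select “More” and then select “Configure”.
  • Move to Credentials and set the username and password you set up at the beginning.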
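
An added example, not part of the original walkthrough: a read-only PowerShell audit, run on the VM, of the settings changed in this section and in the earlier firewall step. The function names are my own; LabValue is what the walkthrough sets, and DefaultValue assumes a stock Windows 10 install and is the value to return to once scanning is finished.

```powershell
# Added example: read-only audit of the credentialed-scan prerequisites.
# Run in PowerShell on the Windows 10 VM. Nothing is modified.

function New-Check($Setting, $Current, $Lab, $Default) {
    if ($null -eq $Current) { $Current = '(not set)' }
    [pscustomobject]@{
        Setting      = $Setting
        Current      = "$Current"
        LabValue     = $Lab        # value the walkthrough sets for scanning
        DefaultValue = $Default    # assumed stock Windows 10 value
        ReadyForScan = ("$Current" -eq $Lab)
    }
}

function Get-CredScanReadiness {
    $key    = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $policy = Get-ItemProperty -Path $key

    # Remote Registry: the scanner reads installed-software and patch data through it.
    New-Check 'RemoteRegistry startup type' (Get-Service -Name RemoteRegistry).StartType 'Automatic' 'Disabled'

    # 1 = remote logons by local administrators receive a full, unfiltered token.
    New-Check 'LocalAccountTokenFilterPolicy' $policy.LocalAccountTokenFilterPolicy '1' '(not set)'

    # The "Never notify" slider position is stored as ConsentPromptBehaviorAdmin = 0.
    New-Check 'ConsentPromptBehaviorAdmin' $policy.ConsentPromptBehaviorAdmin '0' '5'

    # The walkthrough turns off all three firewall profiles so the scanner can reach the VM.
    foreach ($p in Get-NetFirewallProfile) {
        New-Check "Firewall profile: $($p.Name)" $p.Enabled 'False' 'True'
    }
}

Get-CredScanReadiness | Format-Table -AutoSize
```

Any row with ReadyForScan = False before a scan points to a skipped step; any row where Current still differs from DefaultValue after the project is a setting left in its weakened lab state.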

First scan with credentials

  • Save the settings and run the scan.

Inspecting the credentialed results

  • Here you can see that under hosts, we can find a lot more vulnerabilities than what we found without the credentialed scan.
  • Under vulnerabilities, you can find much more severe issues.
  • The credentialed scan also provides possible remediation measures for you, as shown here.

Installing a deprecated Firefox on our VM

  • We will now introduce some vulnerabilities to the VM.
  • Download an old deprecated version of Mozilla Firefox: Here
  • Select Firefox Setup 3.6.12.exe and proceed to install the browser.

Inspect the credentialed results after installing Firefox

  • Run another credentialed scan, after which we will inspect the results.
  • It is observed that the number of critical vulnerabilities has spiked, and it has introduced a whole bunch of other vulnerabilities as well.
  • We can see much more detailed information under vulnerabilities.
  • It can also be observed that a possible remediation measure is to upgrade Mozilla Firefox to a later version.

Remediating some Vulnerabilities

  • Here, I am choosing to remediate the issue by uninstalling Firefox.
  • Navigate to Programs and Features in Control Panel and find Firefox to uninstall it.
  • We will also remediate some other issues by updating Windows and restarting the VM.

Inspect the credentialed results after remediation

  • Run another credentialed scan and look at the results.
  • We can see a noticeable difference in the number of vulnerabilities.
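
An added example, not from the original post: instead of comparing totals by eye, this PowerShell sketch diffs two scans exported in Nessus's `.nessus` XML format and labels each finding as Remediated, New or Persisting. The two embedded exports are constructed samples (host address, plugin IDs and plugin names are made up), and the function names are my own.

```powershell
# Constructed sample exports: host address, plugin IDs and names are made up.
$before = @'
<NessusClientData_v2><Report name="before"><ReportHost name="192.0.2.10">
<ReportItem port="0" protocol="tcp" severity="4" pluginID="900001" pluginName="Sample: unsupported browser version"/>
<ReportItem port="0" protocol="tcp" severity="3" pluginID="900002" pluginName="Sample: browser multiple vulnerabilities"/>
<ReportItem port="445" protocol="tcp" severity="3" pluginID="900003" pluginName="Sample: missing Windows security update"/>
<ReportItem port="445" protocol="tcp" severity="2" pluginID="900004" pluginName="Sample: SMB signing not required"/>
</ReportHost></Report></NessusClientData_v2>
'@
$after = @'
<NessusClientData_v2><Report name="after"><ReportHost name="192.0.2.10">
<ReportItem port="445" protocol="tcp" severity="2" pluginID="900004" pluginName="Sample: SMB signing not required"/>
</ReportHost></Report></NessusClientData_v2>
'@

# Flatten one export into findings keyed by host, plugin ID and port.
function Get-Findings([string]$Xml) {
    foreach ($h in ([xml]$Xml).SelectNodes('//ReportHost')) {
        foreach ($i in $h.SelectNodes('ReportItem')) {
            [pscustomobject]@{
                Key      = '{0}|{1}|{2}' -f $h.GetAttribute('name'), $i.GetAttribute('pluginID'), $i.GetAttribute('port')
                Severity = [int]$i.GetAttribute('severity')
                Name     = $i.GetAttribute('pluginName')
            }
        }
    }
}

function Compare-Scans([string]$BeforeXml, [string]$AfterXml) {
    $labels = 'Info', 'Low', 'Medium', 'High', 'Critical'   # Nessus severity 0-4
    $b = @{}; Get-Findings $BeforeXml | ForEach-Object { $b[$_.Key] = $_ }
    $a = @{}; Get-Findings $AfterXml  | ForEach-Object { $a[$_.Key] = $_ }
    foreach ($k in (@($b.Keys) + @($a.Keys) | Sort-Object -Unique)) {
        $status = 'Persisting'
        if (-not $a.ContainsKey($k)) { $status = 'Remediated' }
        if (-not $b.ContainsKey($k)) { $status = 'New' }
        $f = if ($b.ContainsKey($k)) { $b[$k] } else { $a[$k] }
        [pscustomobject]@{ Status = $status; Severity = $labels[$f.Severity]; Finding = $f.Name; Key = $k }
    }
}

Compare-Scans $before $after | Sort-Object Status, Finding | Format-Table -AutoSize
```

For real exports, pass each file's contents read with `Get-Content -Raw`. Compare like with like: diffing a credentialed scan against an uncredentialed one marks findings as remediated that are merely no longer visible to the scanner.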

Conclusion

  • In conclusion, this project on vulnerability management involved the setup of a virtual machine running Windows 10 with deprecated software, followed by a comprehensive vulnerability assessment. The process began with the installation of VMware Workstation Player to create the virtual environment and the subsequent installation of outdated software to simulate a vulnerable system.
  • Vulnerability scans were conducted to identify potential security weaknesses, ranging from outdated software to misconfigurations. The project also included the crucial step of remediation, where selected vulnerabilities were addressed to reduce associated risks. Furthermore, a credentialed scan was performed to offer a more accurate and comprehensive assessment of the system’s security.
  • The project yielded valuable insights, as it was observed that the remediation efforts led to a reduction in the number of vulnerabilities after the credentialed scan. This outcome underscores the effectiveness of proactive vulnerability management in improving the security posture of the virtual environment. It also highlights the importance of regular vulnerability assessments and timely remediation as essential practices in safeguarding systems and networks against potential cyber threats.
