Advanced Vulnerability Scanning Techniques Using Nessus
Paul Asadoorian, Tenable Network Security
|// july 24 - 27|
USA 2010 Weekend Training Session //July 24-25
USA 2010 Weekday Training Session //July 26-27
This course teaches advanced scanning techniques by using a real-world scenario to demonstrate how these techniques help to solve problems in an example work environment.
In this course you (or you and your team) will take on the role of a brand new security engineer for a financial company. You will be tasked with configuring and auditing a system to be used within your network environment. The system, and associated applications, make up the environment used to manage the business. Currently, the old systems are in place and an upgrade is planned. The current vulnerability scanning process takes over a week to complete and there is duplication of effort and a known false positive rate. Additionally, breaches have occurred on the network and your company is in jeopardy of being fined due to compliance violations. The vulnerability management process is missing vulnerabilities that were exploited by attackers. A sample system has been provided for you, that exactly mirrors what will be used in production, right down to the passwords and configuration.
- Audit the system for any vulnerabilities, including web application, network, missing patches, weak passwords and mis-configurations.
- Define a repeatable vulnerability scanning process for continued auditing of these systems
- Implement a process and configuration to help eliminate false positives & false negatives
- Develop a performance enhancing plan for vulnerability management against these systems
- Develop a custom report that shows any vulnerabilities and/or configuration problems and how to fix them
- Advanced Network Scanning
- Web application scanning
- Writing custom .audit files
- Interfacing With The Nessus API
- Importing & Using Nessus reports in other tools
- Debugging & Troubleshooting Nessus Scans
Who Should Attend:
Students who are familiar with Nessus, but wish to learn more advanced method of vulnerability scanning. This includes security engineers, penetration testers, and systems administrators.
Students must be familiar with vulnerability scanning using Nessus on a Unix platform, TCP/IP, and have experience with a scripting programming language.
What to bring:
- x86-compatible 1.5 Ghz CPU Minimum or higher
- DVD Drive
- 1 Gigabyte RAM minimum or higher
- Ethernet adapter
- 5 Gigabyte available hard drive space
You are required to bring Windows 7 (Professional or Ultimate), Windows Vista (Business or Ultimate), Windows XP Pro, or Windows 2003 or 2008 Server, either a real system or a virtual machine.
You must have either the free VMware Player 1.0 or later or the commercial VMware Workstation 4.0 or later installed on your system prior to coming to class.
what you will get:
- Nessus Professional Feed Software
- DVD with Vmware image
Paul Asadoorian: is currently the “Product Evangelist” for Tenable Network Security, where he showcases vulnerability scanning and management through blogs, podcasts and videos. Paul is also the founder of PaulDotCom, an organization centered around the award winning “PaulDotCom Security Weekly” podcast that brings listeners the latest in security news, vulnerabilities, research and interviews with the security industry’s finest. Paul has a background in penetration testing, intrusion detection, and is the author of “WRT54G Ultimate Hacking,” a book dedicated to hacking Linksys routers.