Saturday, August 14, 2010

Nessus vulnerability and Port scanner


The Nessus® vulnerability scanner is the leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. 

Nessus scanners can be distributed throughout an entire enterprise, inside DMZs and across physically separate networks.

Features:
 1. Vulnerability Scanner
 2. Port Scanner
 3. Host and Device detection

 4. Can be used to scan NETBIOS (Windows and Samba) servers
 5. Profiles (Scan Policies) for target scans, with specific exploits to query
 6. Reporting
 7. Client/Server enabled; multiple clients may use the central Nessus server
 8. Client support for Windows, Linux, etc.
 9. Runs as a service, awaiting inbound PenTest requests
10. Penetration testing tool
11. Nessus can be automated
12. Supports plug-ins for vulnerability signatures
13. Supports parallel scanning of targets

Installation and Usage:
 1. Download Nessus from http://www.nessus.org/download/and install
 2. Register nessus using 'nessus-fetch', with provided code
    a. /opt/nessus/bin/nessus-fetch --register
 3. Install Nessus Client and Explore the interface
    a. rpm -Uvh NessusClient*
4.  It  comes with built in web interface to perform the scan from any system

On the Nessus Client Interface, 
 4. Perform a PenTest of the localhost
 5. Perform a PenTest of the local network and Generate Report
 6. Evaluate results

Nessus will auto-update its plug-ins after registration, every 12-hours

Best way to Restore the forgotten the BIOS/CMOS password

1) Boot up windows.
2) go to dos-prompt or go to command Prompt
3) type the command at the prompt: “debug”

4) type the following lines now exactly as given…….
o 70 10
o 71 20
quit
4) exit from the dos prompt and restart the machine
password protection gone!!!!!!!!!!!!!

Connecting an iSCSI storage to a Linux Server


To connect a Linux Server to an iSCSI storage, Follow the steps

1. Install “iscsi-initiator” RPM Package in the linux server
2. Usually iscsi unique id located in the /etc/iscsi/iscsid.conf. provide this to your storage admin to assign the
    LUN
3. Use the command “iscsiadm -m discovery -t sendtargets -p
4. Then do “service iscsi restart”
5. Now give “fdisk –l”. Now you can able to see the new disk detected in the linux server.
6. create a file system on the disk and mount the same

You are done :)

TFTP Server Installation in Linux

I have provided the simple step by step commands to setup TFTP Server in Linux

Install tftp-server package

mkdir /tftpboot
mkdir /tftpboot/linux-install
cd /tftpboot/linux-install/
cp /usr/lib/syslinux/pxelinux.0
mkdir (os-identifier) --> create no of dir for no of distro's
mkdir msgs
mkdir pxelinux.cfg
cd pxelinux.cfg
vi default ---> provides boot menu configuration
copy /images/pxeboot/vmlinuz and initrd to /tftpboot/linux-install/

Note : do the above step for all different distributions

vi /etc/xinetd.d/tftp ---> Enable tftp if disabled

service xinetd restart
chkconfig --level 345 xinetd on
chkconfig --level 345 tftp on


Configuring DHCP to Boot From TFTP:
------------------------------------

In Linux,
----------
1. vi /etc/dhcpd.conf
2.add following

allow booting;
allow unknown clients;
allow bootp;

network xx.xx.xx.xx xx.xx.xx.xx {

tftp-server "servername"
bootfile "linux-install/pxelinux.0"

}

In Windows,
-------------
open dhcp console... Click Configure Options..

set the following options

bootserver --> TFTP Server IP
bootfile ---> "linux-install/pxelinux.0"
bootserver name ---> your tftpserver name


boot the client through pxe booting... You will get the boot menu, which you configured in server