Blog

Nessus, developed by Tenable, is a security vulnerability scanning tool that checks for weaknesses in devices, networks, applications, operating systems, and cloud services. While Nessus is a Proprietary software, there is also a free community version. The community edition of Nessus is called Nessus Essential by Tenable. Allows users to scan up to 16 IP addresses for free. I plan to use this tool to scan my lab environment as it perfectly meets my requirements. Now that you understand what Tenable Nessus entails, let’s proceed with the installation process. Click here to download the Nessuss Installer from the Tenable website. Fill out the form to register for an activation code. Click Get Started. Check the box next to Register for Nessus Essentials and click Continue. Click the Download button to visit the Nessus download page. Choose the download version and platform (Operating System) and click the Download button to download Nessus Essential Installer. Click the I Agree button to agree to the License Agreement. And the installer will start downloading. Open File Explorer on your computer and locate the downloaded Nessus Essential Installer. Double-click the installer. The InstallShield wizard appears. Click Next and follow the steps. Check the box next to I accept the terms in the license agreement and click Next. Choose what location to install Nessus. Example C:\Program Files\Tenable\Nessus. Click Next. Click Install to install Nessus. Nessus essential is now installed successfully. Click on the Finish button. Nessus opens up in your default browser. Nessus uses port 8834; Link here. Click the Connect via SSL button. Skip this step, as we received an activation code from Nessus in the initial process. Locate the email and enter the activation code received earlier in the installation process. Click the Continue button Click the Continue button to proceed with the installation. Wait while the plugins download. Now it’s time to log in to Nessus. Click the Advance button, then click the Proceed to localhost (unsafe). Enter the username and Password created in the initial process, then click the Sign In button as shown in the screenshot below. Success, we are in!

The Qualys Virtual Scanner Appliance enables you to maintain a perspective on security and adherence to regulations. It possesses the same scanning functionalities as the physical scanner appliance. It is a stateless resource that can be disposed of, serves as an extension of the Qualys Cloud Platform, and does not require separate management. Now that you have some understanding of what Qualys Virtual Scanner Appliance is. Let’s proceed with the installation process. Installing Qualys Virtual Scanner Click here to create your 30-day free Qualys VMDR trial account. Login to your Qualys account and choose VMDR, as shown in the screenshot below. Alternatively, you can navigate to VMDR by clicking the drop-down arrow next to the VMDR button at the top left and Choosing VMDR, as shown in the second screenshot below. To create a new Virtual Scanner Appliance, Click on Scans,===>>>Appliances; under Appliances, click on the drop-down arrow next to the New button, and select Virtual Scanner Appliance. Click on the Start Wizard button. Name your appliance and choose a virtualization platform by clicking the drop-down arrow and clicking Next. For this example, I am using Vmware Workstation. A pop-up appears showing instructions on how to configure the virtual scanner Locally. Click the Next button. Copy the personalization code to a safe place (You will need it later). Configuring Qualys Virtual Scanner Open up a virtualization platform of your choice. I am using Vmware Workstation In this example. Click File===> Open====>> Locate the Virtual Scanner image downloaded earlier on your local system. Click on the image to import it. Name your Virtual Machine and choose a storage path for the machine. Click the Import button. An IP address is automatically configured for your virtual scanner with DHCP. If you want, you can set a static IP address instead by selecting “Set up the network (LAN).” A screen appears like the screenshot below. Using the keyboard, enter the personalization code you copied earlier. If you don’t have the code, follow these steps to get it. In your Qualys VMDR account. Scans > Appliances > Personalization code, as shown in the second screenshot below. The activation process begins, as shown in the screenshot below, and you’ll see the progress. Wait for the activation process to complete. This may take a few minutes to complete. Once the process is completed, you will see your scanner’s name and IP address, as shown in the screenshot below. You have successfully added your virtual scanner to your account. You can see it In your Qualys VMDR account. Scans > Appliances, as shown in the second screenshot below.

In your Qualys VMDR account, click the drop-down arrow at the top left and select VMDR. Click on the assets tab > Asset Groups. Click the New button. Name your new asset group. Click on IPs and add your IP addresses or IP address range. Set the business impact by clicking on the drop-down arrow. In this example, the business impact is High, as shown in the screenshot below. Do you have a comment? Type your comment in the comments box. Click the Create button. Upon successful creation, you should see your newly created asset group, similar to the screenshot below.

Configure Windows Domain Authentication Account in Qualys VMDR: A Step-by-Step Guide Requirements for this Lab We need to create a new AD Domain user account for Qualys in the Active Directory Domain Controller named “qualys_account” and add the user to the Global administrator group. How to create an Active Directory Domain user To create a new AD Domain user account, type Control Panel in the search box Click Control Panel as shown below. Change your “view by” on the top right to small icons. To easily locate Administrative Tools. Click Administrative Tools. Double-click Active Directory Users and Computers. Right Click Users > New > User. Enter qualys as the first name and account as the last name. “qualys_account” is in the full name box. Enter “qualys_account” in the User logon name and click the Next button. Create and confirm a password for the new user. Check the box next to User must change password at the next logon if you want to change the password. For this example, I do not want to change the password, so I checked Password never expires. Click the Finish button. How to add an Active Directory User to a Domain Admins group Next, let’s add the user to the Domain Admins group. User > Right-click the “qualys_account” > click Add to a group Type Domain Admins, click the Check Names button to make sure it’s a valid group, and click OK. Right-click on”qualys_account” and click property. Click Member Of. Click Domain Users and click the Remove button, as shown below. This is to make sure this user only belongs to the Domain admin group, according to Qualys. How to Create Windows Authentication in Qualys VMDR Now, let’s create Windows Authentication in Qualys VMDR. In your Qualys VMDR account, click the drop-down arrow at the top left and select VMDR. Click on the scans tab > Authentication. Click the New button > Operating Systems > Windows. Click on the Record Title and give your authentication a name. Click on the Login Credentials button on the left, as shown in the screenshot below, and choose Active Directory as your domain type. Make sure Basic authentication is checked. Create a username and password using the credential for the “qualys_account” user we created in the AD Domain controller earlier. Qualys Authentication Protocols Qualys uses the following Authentication Protocols for authentication scans. Attempts to use from the most secure protocol to the least secure protocol on the target host. NTLMv1 is unchecked by default. The default authentication protocols are Kerberos and NTLMv2. Leave it as default and click the Save button. Click on the IPs on the left, as shown in the screenshot below. Enter your target IP addresses or IP address range. Click on comments, type in your comment (Optional), and click the Save button. To see your newly created Windows Domain Authentication, Click on the scans tab > Authentication as shown below. In the next lab, we are going to use our newly created Windows Domain Authentication to perform an authentication scan in Qualys. Click here to learn how to launch an Authenticated scan in Qualys virtual appliance. Reference Qualys Windows Authentication

In your Qualys VMDR account, click the drop-down arrow at the top left and select VMDR. Click on the scans tab > Authentication. Click the New button > Operating Systems > Unix. Click the Login Credentials button on the left, as shown in the screenshot below > Create your username and password. Select Sudo as your Root Delegation and enter the sudo password. Click Save. Click on the IPs on the left, as shown in the screenshot below. Enter your IP addresses or IP address range and click the Create button. To check your newly created Unix Auntentiation, Click on the scans tab > Authentication.

Qualys Cloud Agent allows you to gain instant, global visibility of your IT assets. It Can monitor assets that are impossible or difficult to monitor with network scanners. The Qualys Cloud Agent is lightweight and can be installed on any host such as a desktop, laptop, server, or virtualmachine. It collects data continuously about the assets they are installed on. Whether the assets are offline or online. Click here to create your 30-day free Qualys VMDR trial account. You will be presented with the welcome screen as shown in the screenshot below. Click on the Download Cloud Agent button. Choose your Operating System. I am using the Windows Operating System in this example. Click the Download button. Copy the code in the installation steps presented. You don’t have the welcome page? You can download the Qualys Cloud agent by clicking the drop-down arrow on the top left and clicking Cloud Agent as shown in the screenshot below. Click on the drop-down arrow next to the Default VMDR Action Key. Click Install Agent Click on the installation instructions button for Windows. Copy the code and click on the Download.exe button to download the Agent. Qualys Cloud Agent is now downloaded successfully. If this isn’t the machine you want it to be installed on, copy the agent to the intended machine. To install the Agent, run your command prompt as administrator. Change the Directory using the cd command to where your agent is located on your system. Now, paste the code you copied and press enter. The agent is successfully installed. And you can view it in your Qualys account under the Agents tab as shown in the screenshot below.

First, find out your dynamic Ip address assigned by the DHCP. To do this, open the terminal, type ip -a and press enter. This gives you the information as shown in the screenshot below. Click the Networking icon by the top left. Click Setting > Network, and click the setting icon next to the Connected -100Mb/s under the Wired. Click the ipv4 tab. Change the IPv4 Method from Automatic(DHCP) to Manual Enter your IP address, Netmask, Gateway, and DNS Server as shown in the screenshot below. You can use the Ip address noted earlier or use a new Ip address. Click the Apply button to save the changes. Toggle the button next to the Connected -100Mb/s under the Wired to turn it off and turn it back on. To confirm the setting has been applied successfully, open your terminal. Type IP address show or ip -a. The scope global has changed from dynamic to noprefixroute. Setting static IP address in Ubuntu 22.04 using the command line. Open your terminal, type ip -a and press enter. Take note of your ens33 of your machine In this version of Ubuntu, network-manager uses the YAML backend that is based on libnetplan. We need to edit /etc/netplan/01-network-manager-all.yaml to do this. Open your terminal, type sudo nano /etc/netplan/01-network-manager-all.yaml, and press enter. Enter your sudo password. Click here to check if your command is a valid YAML. Copy and paste your command in and click the Go button as shown in the screenshot below. Paste your command in as shown below. Press ctrl x to exit and save Another way you can check to make sure you have a valid YAML is by typing netplan generate and pressing enter after saving the command. Now type sudo netplan apply to apply the rule. Type ip -a or ip address show and press enter to confirm the changes.