The nessusWX client program has been connected successfully with the server in previous post. Let’s continue the process and start a simple scanning.

Step 6: Start a new scan session

Step 7: Fill in the any name for the new scan session

Step 8: The new scan session (Scan 1) has been created

Step 9: Configure the properties for the new scan session

Step 10: Add target for the scan

Step 11: Select ports to be scanned

Step 12: The scan target has been added

This is just a brief introduction. Actually, the appropriate plugins for each scan should also be selected.

Step 13: Execute the new scan session

Step 14: Configure the report

Step 15: Scan in progress

Step 16: Scan finished and click the ‘Close’ button

Step 17: The result of the scan is prepared

Step 18: Analysis the report and check each vulnerability found

Now we have a good list of server vulnerabilities found, the next step is how to solving or eliminating them. Some vulnerabilities are simple and very easy to solve. Moreover the Nessus report will often include a link to a patch or a reference to a patch that assist you to solve the problem.

Conclusion:

To start a scan is sometimes easy. The most important and difficult part is how to analyze and understand the report generated by the security scanning.