Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: how to learn nessus - reg

from [uber haxor] Network Security [Permanent Link]
Subject: Re: how to learn nessus - reg
Date: Thu, 29 Sep 2005 08:47:30 -0700 
Below is a good starting point and takes you via screenshots through the
basics. If networking skills are a little rusty, look up TCP/IP Illustrated
Volume I (The Protocols) by Dr. Stevens as refresher in client/server
models. Getting firewall rules sets and border router ACLs setup to filter
properly will depend on your knowledge of the topic. Remember the direction
of flows when writing filter lists of any kind. If you suspect something is
not working the way you intended, the quickest resolution is placement of a
laptop on the inside, and another on the outside. Next punch a hole in your
firewall and/or ACL for the external (outside) and internal (inside)
networks. Also remember these tools have a purpose. It was a two million
dollar outage that I was troubleshooting for ten hours because our
Information Assurance Green Team set Nessus to run automated and had their
flags wrong. The result was a DoS from the inside of the network, and with
all the disinformation that we received, it took way too long to figure it
out. These scans can mimic worms, and without Netflow, Microflow, NBAR, CAR
and a few other QoS tricks that have been setup as part of Continuity
planning, your network can quickly turn into a ping pong table with hundreds
of routers and layer three switches amplifying 2-16 different types of ICMP,
unlimited amounts of half opens, UDP flooding, and the worst TCP retransmits
that never get a syn/ack from the other end which brings your network to
it's knees. The result is a great deal of stress, sleep deprivation, hunger,
dehydration and general unpleasantness (Especially if you haven't had a cup
of coffee when you get lit up).

http://www.securityfocus.com/infocus/1741

Respectfully,

-C

On 9/29/05, Josh Zlatin-Amishav <josh@tkos.co.il> wrote:


On Thu, 29 Sep 2005, Sudhakar Srinivasan wrote:


Hi,

I am newbie to the nessus. Can anybody tell how to learn nessus in
procedural way?.


See: http://nessus.org/documentation/. There are several tutorials that
will help get you started. I also recommend reading Nessus Network
Auditing.

--
- Josh



Thanks in advance

Regards
Sudhakar. S


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Nessus crashed Tivoli DSM service and POP & IMAP services, Michael Hale
Next by Date:  Type of plugin feed : Registered (7 days delay) ???, saverio . ferraro
Previous by Thread:  Re: how to learn nessus - reg, Josh Zlatin-Amishav
Next by Thread:  Re: how to learn nessus - reg, George A. Theall
Indexes:  [Date] [Thread] [Top] [All Lists]