Vulnerability Analysis

-- Network scanning refers to the procedures used for identifying hosts, ports and services in a network
-- We gather information about the target using highly aggressive recon techniques.
-- The purpose of scanning is to discover exploitable communication channels

-- We use vulnerability scanning to:

    1. Check live system and open ports
    2. Perform banner grabbing and OS fingerprinting
    3. Identify network vulnerabilities
    4. Draw network diagrams of vulnerable hosts

-- Here we perform port scanning, network scanning and vulnerability scanning against an IP address to identify:

    1. Identify host names
    2. Ports
    3. Services
    4. Live hosts
    5. Vulnerabilities in service running on the port

-- Vulnerability scanning will determine the possibility of network security attacks.

1. Vulnerability Analysis Using Nessus

Tool : Nessus on Windows

-- In the browser's address bar, type https://localhost:8834 and press Enter

-- Sign in to Nessus with the credentials Username : admin and Password : password

-- Create a new policy using the New Policy link and review the available scan templates

-- Click Advanced Scan and, in the Host Discovery list, turn off Ping the remote host

-- Select the Port Scanning tab and check Verify open TCP ports found by local port enumerators

-- Set Max number of TCP sessions per host and Max number of TCP sessions per scan to unlimited

-- Configure the Credentials tab: click Windows, specify the username and password (AS143 / qwerty@123) and save

-- Select the Plugins tab, choose the plugins and save the policy.

-- Click Scans to open the My Scans page, create a new scan, click the User Defined tab and select Network Scan Policy

-- Enter the IP address of the target machine and launch the scan; the scan will then run

-- When it completes, we have a detailed report on each finding with its severity

-- We can also export the report as a PDF and download it

2. CGI Scanning with Nikto 

Tool : Nikto (Linux tool)

-- Nikto is an open source web server scanner which performs:

    1. Checks for outdated version of servers
    2. Version specific problem
    3. Checking Server Configuration problem

-- Nikto is not a stealthy scanner: it scans a web server in the shortest possible time, so its activity will get logged by an IDS/IPS

-- Nikto help option (-h on its own is the short form of -host, so full help is -H)
# nikto -H

-- Scanning a site reports its IP address, hostname and port.
# nikto -h [website url] -Tuning 1

-- We can try other options to perform further vulnerability scanning on the website
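
-- Because Nikto makes no attempt at stealth, its requests stand out in web server access logs. The Python script below is an added example (not part of the original notes) that flags likely scanner clients in logs written in the combined log format. The sample log lines, thresholds and function name are constructed for illustration, and the user-agent check assumes Nikto's default user-agent string, which contains "Nikto".

```python
import re
from collections import defaultdict

# Constructed sample lines in Apache/Nginx "combined" format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET /cgi-bin/test.cgi HTTP/1.1" 404 196 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000021)"
203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET /cgi-bin/printenv HTTP/1.1" 404 196 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000022)"
203.0.113.7 - - [10/Mar/2024:10:00:02 +0000] "GET /admin.bak HTTP/1.1" 404 196 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000023)"
203.0.113.7 - - [10/Mar/2024:10:00:02 +0000] "GET /phpinfo.php HTTP/1.1" 404 196 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000024)"
198.51.100.20 - - [10/Mar/2024:10:00:03 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/123.0"
198.51.100.20 - - [10/Mar/2024:10:00:04 +0000] "GET /style.css HTTP/1.1" 200 812 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/123.0"
198.51.100.20 - - [10/Mar/2024:10:00:04 +0000] "GET /favicon.ico HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/123.0"
192.0.2.55 - - [10/Mar/2024:10:01:10 +0000] "GET /cgi-bin/a.cgi HTTP/1.1" 404 196 "-" "Mozilla/5.0"
192.0.2.55 - - [10/Mar/2024:10:01:10 +0000] "GET /cgi-bin/b.cgi HTTP/1.1" 404 196 "-" "Mozilla/5.0"
192.0.2.55 - - [10/Mar/2024:10:01:11 +0000] "GET /cgi-bin/c.cgi HTTP/1.1" 404 196 "-" "Mozilla/5.0"
192.0.2.55 - - [10/Mar/2024:10:01:11 +0000] "GET /cgi-bin/d.cgi HTTP/1.1" 404 196 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')

def detect_scanners(log_text, min_requests=4, min_404_ratio=0.8):
    """Return {ip: [reasons]} for clients whose traffic looks like a web scanner."""
    stats = defaultdict(lambda: {"total": 0, "not_found": 0, "nikto_ua": False})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of failing the whole run
        s = stats[m["ip"]]
        s["total"] += 1
        s["not_found"] += int(m["status"] == "404")
        s["nikto_ua"] |= "nikto" in m["ua"].lower()
    findings = {}
    for ip, s in stats.items():
        reasons = []
        if s["nikto_ua"]:
            reasons.append("nikto-user-agent")
        # The user agent is client-controlled, so also flag bursts of misses.
        if s["total"] >= min_requests and s["not_found"] / s["total"] >= min_404_ratio:
            reasons.append("404-burst")
        if reasons:
            findings[ip] = reasons
    return findings

if __name__ == "__main__":
    for ip, reasons in detect_scanners(SAMPLE_LOG).items():
        print(ip, ",".join(reasons))
```

-- The thresholds are starting points only; tune them against normal traffic for the site being monitored.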



