security
Sys Scan

Introduction

This guide provides instructions for installing and using system and vulnerability scanning tools on a Linux system. These tools help ensure the security and integrity of your systems by performing various types of scans and assessments.

Tools Overview

  • Lynis: A security auditing tool for Unix-based systems.
  • OpenVAS: A comprehensive vulnerability scanner.
  • Nikto: A web server scanner that performs comprehensive tests against web servers.

Installation and Usage

Lynis

Lynis is a security auditing tool designed for Unix-based systems. It performs various security checks and provides a detailed report on system vulnerabilities.

  1. Install Lynis

    sudo apt install lynis
  2. Run a System Scan

    sudo lynis audit system
    • This command performs a comprehensive security audit of your system and generates a detailed report.
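
To act on the audit rather than scroll through it, the report file can be triaged with a short script. This is an added example, not part of the original guide: it assumes Lynis wrote its machine-readable report to /var/log/lynis-report.dat with findings as `warning[]=ID|message|details|solution|` lines, and the function names, sample contents and the threshold of 70 are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original guide): triage a Lynis report file.
# Assumed format: key=value lines, with findings written as
#   warning[]=TEST-ID|message|details|solution|

# Constructed sample standing in for /var/log/lynis-report.dat.
sample_report() {
cat <<'EOF'
lynis_version=3.0.9
os=Linux
hardening_index=58
warning[]=AUTH-9308|No password set for single mode|-|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|AllowTcpForwarding (set YES to NO)|-|
suggestion[]=KRNL-6000|One or more sysctl values differ from the scan profile|-|-|
EOF
}

# lynis_summary FILE [MIN_INDEX]   (FILE may be "-" for stdin)
# Prints the hardening index, then warnings, then suggestions.
# Exit status is 1 when any warning exists or the index is below MIN_INDEX.
lynis_summary() {
    awk -v min="${2:-70}" '
        /^hardening_index=/ { idx = substr($0, index($0, "=") + 1) + 0; next }
        /^(warning|suggestion)\[\]=/ {
            kind = substr($0, 1, index($0, "[") - 1)
            split(substr($0, index($0, "=") + 1), f, "[|]")
            line = toupper(kind) " " f[1] ": " f[2]
            if (f[3] != "" && f[3] != "-") line = line " (" f[3] ")"
            if (kind == "warning") warn[++nw] = line; else sugg[++ns] = line
        }
        END {
            print "hardening_index=" idx
            for (i = 1; i <= nw; i++) print warn[i]
            for (i = 1; i <= ns; i++) print sugg[i]
            exit ((nw > 0 || idx < min) ? 1 : 0)
        }
    ' "$1"
}

# Stand-alone run against the constructed sample; on a real host, pass the
# report path instead of "-".
sample_report | lynis_summary - 70 || echo "review required"
```

The non-zero exit status makes the function usable as a gate in a cron job or CI step.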

OpenVAS

OpenVAS (Open Vulnerability Assessment System) is a powerful tool for vulnerability scanning and management.

  1. Install OpenVAS

    sudo apt install openvas
  2. Setup OpenVAS

    sudo openvas-setup
    • This command installs and configures OpenVAS. The setup process may take some time. By default, OpenVAS operates on port 9392.
  3. Access OpenVAS

    • Open your web browser and navigate to https://localhost:9392 to access the OpenVAS web interface.

Nikto

Nikto is a web server scanner that performs various tests against web servers to identify potential vulnerabilities.

  1. Install Nikto

    sudo apt install nikto
  2. Run a Web Server Scan

    nikto -h example.com
    • Replace example.com with the domain of the web server you wish to scan. This command performs a security scan of the specified web server and provides a report of potential vulnerabilities.

Network Scanning with Nmap

Nmap Command

sudo nmap -sS -sV -T4 3.7.60.132

Breakdown:

  • sudo nmap: Runs Nmap with superuser privileges to enable advanced scanning techniques.
  • -sS: Performs a TCP SYN scan (also known as a half-open scan). This is a stealthy scan that identifies open ports without completing the TCP handshake.
  • -sV: Detects the version of the services running on open ports. Useful for identifying service versions to determine if they are outdated or vulnerable.
  • -T4: Increases the speed of the scan by adjusting timing options. T4 is suitable for faster scans but can be detected more easily.
  • 3.7.60.132: The target IP address you are scanning.

Command Explanation:

This command performs a SYN scan to identify open ports and service versions on the target IP address, while optimizing the scan speed.


Web Application Assessment

Nikto Command

nikto -h http://example.com

Breakdown:

  • nikto: A web server scanner that checks for vulnerabilities and misconfigurations.
  • -h: Specifies the target URL or IP address.
  • http://example.com: The target URL for the Nikto scan.

Command Explanation:

Nikto performs a vulnerability scan on the specified web server, looking for known issues such as outdated software, insecure configurations, and potential security holes.


Dirb Command

dirb https://example.com

Breakdown:

  • dirb: A web content scanner that performs directory and file brute-forcing.
  • https://example.com: The target URL for the Dirb scan.

Command Explanation:

Dirb attempts to find hidden directories and files on the web server by brute-forcing common names. This can reveal sensitive information or application endpoints that are not exposed in the web application's navigation.


Metasploit Framework

Metasploit Commands

msfconsole
search ssh
use auxiliary/scanner/ssh/ssh_login
show options
set RHOSTS 217.18.52.24
set USERNAME root
set PASS_FILE /home/devops/pass.txt
set VERBOSE true
run

Breakdown:

  1. msfconsole: Launches the Metasploit Framework console.

  2. search ssh: Searches for modules related to SSH (Secure Shell) within Metasploit. This helps in finding relevant scanners or exploits.

  3. use auxiliary/scanner/ssh/ssh_login: Selects the SSH login scanner module. This module attempts to brute-force SSH login credentials.

  4. show options: Displays the configuration options for the selected module, including required and optional parameters.

  5. set RHOSTS 217.18.52.24: Sets the target IP address for the SSH login scanner.

  6. set USERNAME root: Sets the username to use for login attempts. In this case, it's root.

  7. set PASS_FILE /home/devops/pass.txt: Specifies the path to the file containing potential passwords for brute-forcing. Each password will be tested with the given username.

  8. set VERBOSE true: Enables verbose output to provide detailed information about the scanning process.

  9. run: Executes the configured module with the specified options.

Command Explanation:

This Metasploit module attempts to brute-force SSH login credentials against the specified target. It uses a password list to try various passwords for the given username (root) and reports any successful logins.
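
On the target host, a run like this shows up in the sshd log as a burst of "Failed password" entries from one source, and a success appears as an "Accepted password" line from the same address. The following detection sketch is an added example, not part of the original guide: the log lines are constructed (documentation IP ranges), the function names and thresholds are hypothetical, and it assumes OpenSSH's standard syslog messages as found in /var/log/auth.log.

```shell
#!/bin/sh
# Added example (not from the original guide): spot the sshd log pattern that
# a password-guessing run leaves on the target host.

# Constructed sample standing in for /var/log/auth.log (documentation IPs).
sample_auth_log() {
cat <<'EOF'
Mar  3 10:15:01 web1 sshd[2201]: Failed password for root from 203.0.113.7 port 51101 ssh2
Mar  3 10:15:02 web1 sshd[2202]: Failed password for root from 203.0.113.7 port 51102 ssh2
Mar  3 10:15:03 web1 sshd[2203]: Failed password for root from 203.0.113.7 port 51103 ssh2
Mar  3 10:15:04 web1 sshd[2204]: Failed password for root from 203.0.113.7 port 51104 ssh2
Mar  3 10:15:05 web1 sshd[2205]: Accepted password for root from 203.0.113.7 port 51105 ssh2
Mar  3 10:20:01 web1 sshd[2301]: Failed password for invalid user admin from 198.51.100.23 port 40001 ssh2
Mar  3 10:20:02 web1 sshd[2302]: Failed password for invalid user from from 198.51.100.23 port 40002 ssh2
Mar  3 10:20:03 web1 sshd[2303]: Failed password for invalid user test from 198.51.100.23 port 40003 ssh2
Mar  3 10:25:00 web1 sshd[2400]: Failed password for alice from 192.0.2.44 port 50000 ssh2
Mar  3 10:26:00 web1 sshd[2401]: Accepted publickey for deploy from 192.0.2.10 port 50022 ssh2
EOF
}

# ssh_bruteforce_report FILE [THRESHOLD]   (FILE may be "-" for stdin)
# One line per source IP with at least THRESHOLD failed password attempts,
# marked SUCCESS_AFTER_BURST when a password login from that IP followed.
ssh_bruteforce_report() {
    awk -v thr="${2:-5}" '
        / sshd\[[0-9]+\]: (Failed|Accepted) password for / {
            # Search from the right so a username of "from" cannot shift the IP.
            ip = ""
            for (i = NF - 1; i > 0; i--) if ($i == "from") { ip = $(i + 1); break }
            if (ip == "") next
            if ($0 ~ /: Failed password/) fail[ip]++
            else if (fail[ip] >= thr) hit[ip] = $(i - 1)   # account that logged in
        }
        END {
            for (ip in fail) if (fail[ip] >= thr)
                print ip, "failures=" fail[ip], ((ip in hit) ? "SUCCESS_AFTER_BURST user=" hit[ip] : "FAILED_ONLY")
        }
    ' "$1" | sort
}

# Stand-alone run on the constructed sample with a threshold of 3.
sample_auth_log | ssh_bruteforce_report - 3
```

A SUCCESS_AFTER_BURST line is the case to treat as an incident: the account named there should be considered compromised until its credentials are rotated and the session is reviewed.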

Summary

  • Lynis: Use sudo lynis audit system to perform a security audit of your system.
  • OpenVAS: Install with sudo apt install openvas, configure with sudo openvas-setup, and access the web interface on port 9392.
  • Nikto: Install with sudo apt install nikto and run scans with nikto -h <domain>.
  • Metasploit: Start the console with msfconsole, select auxiliary/scanner/ssh/ssh_login, set the module options, and execute it with run.
  • Dirb: Run scans with dirb <url>.

These tools are essential for maintaining the security of your systems and web servers by identifying and addressing potential vulnerabilities.

This guide provides step-by-step instructions for installing and using Lynis, OpenVAS, and Nikto, which are crucial for performing security audits and vulnerability scans.

