Basic vulnerability scan on localhost using Nessus Essentials (Cyber Security Internship Task 3)

Dhanushroot/Task-3

πŸ›‘οΈ Cyber Security Internship β€” Task 3

πŸ” Basic Vulnerability Scan Using Nessus Essentials


🎯 Objective

Perform a vulnerability assessment of the local machine using Nessus Essentials, identify common security risks, and document findings with mitigation recommendations.


🧰 Tools Used

  • Operating System: Kali Linux
  • Tool: Nessus Essentials (Community Edition)
  • Target: Localhost (127.0.0.1)

βš™οΈ Scan Configuration

  • Scan Type: Basic Network Scan
  • Scanner Type: Local Scanner
  • Policy: CVSS v3.0
  • Target: 127.0.0.1
  • Duration: ~8 minutes
  • Status: Completed

📸 Screenshots

Below are the screenshots captured during the scanning process:

  1. Network Configuration (ifconfig)

  2. Nessus Dashboard

  3. Scan Template Selection

  4. Scan Target Setup

  5. Scan Launch

  6. Scan Running

  7. Scan Completed - Results View


📊 Scan Results Summary

| Severity | Count |
|----------|-------|
| Critical | 0     |
| High     | 1     |
| Medium   | 3     |
| Low      | 8     |
| Info     | 50+   |

Total Vulnerabilities Detected: 62


🚨 Key Findings

1. Ruby REXML DoS Vulnerability (CVE-2021-28965)

  • Severity: High (CVSS 7.5)
  • Description: A denial-of-service vulnerability exists in Ruby REXML before 3.4.2.
  • Mitigation: Update Ruby REXML gem to version 3.4.2 or later.

2. SSL/TLS Configuration Issues

  • Severity: Medium
  • Description: Multiple SSL/TLS weaknesses detected (deprecated protocols).
  • Mitigation: Disable TLS 1.0/1.1 and weak ciphers in system configuration.

3. SSH Multiple Issues

  • Severity: Medium
  • Description: Weak SSH algorithms or outdated configurations.
  • Mitigation: Restrict SSH to strong algorithms such as the AES-256-CTR cipher and SHA-2 based hashes.

4. Apache HTTP Server Multiple Issues

  • Severity: Low
  • Description: General information disclosure and outdated modules.
  • Mitigation: Keep Apache packages updated and disable unused modules.

🧠 Key Learnings

  • Understood how Nessus Essentials performs vulnerability detection using CVE and CVSS scoring.
  • Gained practical knowledge of network scanning and system-level security auditing.
  • Learned to differentiate between vulnerability severities and prioritize remediation efforts.
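
The severity summary and remediation ordering described above can be reproduced from a scan export. The following is an added example, not part of this repository: it assumes the scan was exported in the `.nessus` (XML) format, and the sample document, its ports and its plugin IDs are constructed placeholders; the function names are this example's own.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Nessus records severity on each ReportItem as an integer from 0 to 4.
SEVERITY = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

# Constructed sample in the .nessus v2 layout; ports and plugin IDs are placeholders.
SAMPLE = """<NessusClientData_v2><Report name="localhost">
<ReportHost name="127.0.0.1">
<ReportItem port="0" protocol="tcp" severity="3" pluginID="0" pluginName="Ruby REXML DoS Vulnerability">
<cve>CVE-2021-28965</cve><cvss3_base_score>7.5</cvss3_base_score></ReportItem>
<ReportItem port="443" protocol="tcp" severity="2" pluginID="0" pluginName="SSL/TLS Configuration Issues"/>
<ReportItem port="22" protocol="tcp" severity="2" pluginID="0" pluginName="SSH Multiple Issues"/>
<ReportItem port="80" protocol="tcp" severity="1" pluginID="0" pluginName="Apache HTTP Server Multiple Issues"/>
<ReportItem port="0" protocol="tcp" severity="0" pluginID="0" pluginName="Constructed informational item"/>
</ReportHost></Report></NessusClientData_v2>"""

def load_findings(xml_text):
    """Return one dict per ReportItem; a missing CVSS v3 score becomes None."""
    # Parse only exports from your own scanner: the stdlib parser is not hardened for hostile XML.
    findings = []
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            score = item.findtext("cvss3_base_score")
            findings.append({
                "host": host.get("name"),
                "port": int(item.get("port", "0")),
                "severity": int(item.get("severity", "0")),
                "name": item.get("pluginName", ""),
                "cvss3": float(score) if score else None,
                "cves": [c.text for c in item.findall("cve")],
            })
    return findings

def severity_counts(findings):
    """Tally findings per severity label, listing all five levels from Critical down."""
    tally = Counter(f["severity"] for f in findings)
    return {SEVERITY[s]: tally[s] for s in sorted(SEVERITY, reverse=True)}

def remediation_order(findings, min_severity=1):
    """Actionable findings, highest severity first, then highest CVSS v3 score."""
    actionable = [f for f in findings if f["severity"] >= min_severity]
    return sorted(actionable, key=lambda f: (-f["severity"], -(f["cvss3"] or 0.0)))

if __name__ == "__main__":
    items = load_findings(SAMPLE)
    print(severity_counts(items))
    print([f["name"] for f in remediation_order(items)])
```

Findings without a CVSS v3 score keep their export order within their severity level, so informational plugins never outrank scored ones.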

🧩 Concepts Covered

  • Vulnerability Scanning
  • Risk Assessment
  • CVSS (Common Vulnerability Scoring System)
  • Remediation Practices
  • Security Tool Configuration

πŸ“ References


βœ… Outcome

Successfully completed a local vulnerability scan using Nessus Essentials on Kali Linux, identified 62 vulnerabilities, and documented findings with mitigations.

Author

  • Cybersecurity Intern – Task 3
  • Name: DHANUSH S
  • Date: 24 Oct 2025
