Nessus Vulnerability Assessment on Metasploitable 2
Introduction
Metasploitable 2 is a virtual machine designed to be vulnerable and used by cybersecurity professionals for penetration testing and security research.
Nessus is a vulnerability assessment tool that scans a system for vulnerabilities quite comprehensively. Nessus must be used wisely and within the law, which rules out scanning systems without legal permission. Therefore, I use Metasploitable 2, which is designed to be vulnerable and is also legal to use as my lab target.
Nessus Setup and Scanning Process
So, I installed the Nessus Vulnerability Scanner on my Kali Linux virtual machine. I used Nessus Essentials to scan Metasploitable 2 as the target lab. The purpose of this assessment was to identify which services were exposed, the causes, and how to mitigate them.
I performed a basic network scan on the Metasploitable 2 virtual machine's IP address, and the scanning process took quite a long time because Metasploitable 2 is highly vulnerable and has many exposed services.

Key Findings from Nessus Scan
Nessus identified multiple active network services running on the Metasploitable 2 host with Linux OS, including FTP, SSH, HTTP, and VNC. These exposed services contribute to an expanded attack surface and may introduce security risks if misconfigured or outdated.

High-Severity Vulnerabilities
VNC Server ‘password’ Password
A VNC server is listening on port 5900 with weak authentication: the default password ‘password’, which can be brute-forced. Because the password is so weak, attackers can easily access the VNC server, tamper with the system, and gain full control directly from the GUI.
Bind Shell Backdoor Detection
There is a shell listening on port 1524 and it has no authentication whatsoever. Attackers can connect to the port and take over the shell, executing unwanted commands.
Medium and Low-Severity Vulnerabilities
Medium and low-severity vulnerabilities were primarily related to outdated service banners and configuration weaknesses. While these issues may not lead to immediate compromise, they could assist attackers during reconnaissance.
Impact of Identified Vulnerabilities
If these vulnerabilities are left unaddressed, they could lead to unauthorised access and data leaks. They could also impact the confidentiality, integrity and availability of the system.
Mitigation Strategies
Remediate immediately: patch outdated services, disable unnecessary services, and strengthen authentication mechanisms.
For long-term security improvements, hardening, network segmentation and regular scanning are recommended. Do not forget to also carry out security monitoring and incident response.
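To make the regular scanning recommended above measurable, the following added example (not from the original post and not Tenable's code) parses two Nessus v2 (.nessus) exports and reports which findings were fixed, which remain open, and which are new. The sample exports are constructed: the host address 192.0.2.10, the service names, the severity values and the two low/informational finding names are assumptions, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET
from collections import namedtuple

SEVERITY = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}
Finding = namedtuple("Finding", "host port protocol service severity plugin")

# Constructed sample exports, not real scan output. The host address, service
# names and severity values are assumptions that mirror the findings above.
ITEM = '<ReportItem port="{}" svc_name="{}" protocol="tcp" severity="{}" pluginName="{}"/>'
WRAP = ('<NessusClientData_v2><Report name="lab"><ReportHost name="192.0.2.10">'
        '{}</ReportHost></Report></NessusClientData_v2>')
VNC = ITEM.format(5900, "vnc", 3, "VNC Server 'password' Password")
SHELL = ITEM.format(1524, "wild_shell", 3, "Bind Shell Backdoor Detection")
SSH = ITEM.format(22, "ssh", 1, "Constructed low-severity SSH finding")
HTTP = ITEM.format(80, "www", 0, "Constructed informational HTTP finding")
BEFORE = WRAP.format(VNC + SHELL + SSH + HTTP)
AFTER = WRAP.format(SSH + HTTP)  # rescan after the two high findings are fixed

def parse_findings(xml_text, min_severity=1):
    """Return the set of findings at or above min_severity in a .nessus export.
    Only parse exports from your own scanner; use defusedxml for untrusted files."""
    findings = set()
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            sev = int(item.get("severity", "0"))
            if sev >= min_severity:
                findings.add(Finding(host.get("name"), int(item.get("port")),
                                     item.get("protocol"), item.get("svc_name"),
                                     sev, item.get("pluginName")))
    return findings

def worklist(findings):
    """Order findings for remediation: highest severity first, then host and port."""
    return sorted(findings, key=lambda f: (-f.severity, f.host, f.port))

def remediation_diff(before, after):
    """Compare two scans of the same scope: what was fixed, what is still open, what is new."""
    return {"fixed": worklist(before - after),
            "open": worklist(before & after),
            "new": worklist(after - before)}

if __name__ == "__main__":
    diff = remediation_diff(parse_findings(BEFORE), parse_findings(AFTER))
    for state, items in diff.items():
        for f in items:
            print(f"{state:5} {SEVERITY[f.severity]:8} {f.host} "
                  f"{f.port}/{f.protocol} ({f.service}) {f.plugin}")
```
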
Conclusion
It turns out that conducting vulnerability assessments using tools such as Nessus has greatly helped me identify system vulnerabilities and immediately make improvements to make the system more secure.
In my opinion, organisations out there should frequently conduct assessments and apply system mitigations.