ABSTRACT

This chapter focuses on the Nessus vulnerability scanner. Vulnerability scanners scan computers, networks, or applications looking for potential weaknesses that attackers could use to compromise the target. A vulnerability scanner probes the system by sending specific data to the target host or network and, based on its analysis of the response received from the target, determines many things, such as open ports, services, the operating system, and vulnerabilities. The advantage of any vulnerability scanner is task automation; it can automate many tasks such as reconnaissance, port scanning, and service and version detection. The Nmap Scripting Engine has a script named "smb-check-vulns", which will automatically test the specified targets against this vulnerability and report whether a given target is vulnerable to it. The problem with a vulnerability scanner is that it can produce many false positives, meaning that it will report vulnerabilities in the target that may not exist in reality.