Nessus Vulnerability Assessment

Practice turning scanner output into a readable vulnerability assessment with risk, evidence, and remediation language.

• Configured a Basic Network Scan in Nessus Essentials for the Metasploitable2 target at 192.168.128.2.
• Ran Nmap service detection against the same target to document exposed services.
• Reviewed Nessus host and vulnerability summaries after scan completion.
• Separated informational output from actionable critical, high, medium, and low findings.
• Wrote a CVE summary for CVE-2014-3566 POODLE based on scan evidence.

• Nmap identified 23 open TCP services, including FTP, SSH, Telnet, SMTP, DNS, HTTP, SMB, NFS, MySQL, PostgreSQL, VNC, IRC, Tomcat, and a bind shell on port 1524.
• Nessus reported a completed scan with multiple critical, high, medium, low, and informational findings.
• The host summary showed a single target with failed authentication and many informational findings.
• CVE-2014-3566 POODLE was documented as a critical SSL 3.0 weakness with remediation guidance to disable SSL 2.0 and SSL 3.0 and use TLS 1.2 or higher.

• Scanner findings are a starting point for analysis and need validation against service evidence.
• Combining Nmap output with Nessus findings makes the final report easier to explain.
• Clear remediation guidance is as important as identifying the issue.

• Create before-and-after remediation tracking.
• Add screenshots directly into the written lab report.
• Export findings into a reusable report format.

• Tenable Nessus documentation
• Nmap Reference Guide
• CVSS documentation