PKI and Nessus Vulnerability Scanning

PKI and Cryptography

A cryptography key refers to a character string employed in an encryption algorithm. It alters data to facilitate scrambling.

PKI (Public key infrastructure) is used to create, store, and digital certificates intended to verify certain public keys. A public key facilitates data encryption, while a private key aids in decrypting data. 

A digital certificate provides information about public key and details like domain name. PKI enables users to share information securely. 

A public key is described as a long number that helps people and organizations encrypt data. It is a cryptographic key used for data encryption and authentication of holders and devices (Cloudflare, n.d.). Both keys have a mathematical relationship. However, it is difficult to generate a private key from a public one. 

As a small document, a digital certificate has content about the holder. Such content includes email address, public key, email address, website name, and expiry date (IBM, 2023).

The certificate authority is responsible for signing the digital certificate. The owner uses the certificate to verify and authenticate their sense of identity (“What is Public Key Infrastructure,” 2023).

Individuals and organizations use PKI to engage in secure communication. PKIs facilitate data encryption and decryption through public and private keys. They also promote data integrity and authenticity through signatures and help communicators of messages vouch for their identities through digital certificates (“What is Public Key Infrastructure,” 2023). 

How Messages Are Sent Using PKI 

The following steps indicate how to send messages using public Public Key Infrastructure (PKI):

  • Items needed to send a message via PKI: the receiver’s public key and digital certificate 
  • These items are available on sources like web servers and public directories. 
  • The sender uses the public key to undertake data encryption.
  • They also use their private key and certificate to sign the message 
  • The message with signature and encrypted bits is shared online. 

People and organizations can send messages using PKI. The sender should have a digital certificate and public key to share information via PKI. They can get these details from the receiver’s web server and public directory. 

Data encryption prevents exposing the message to unauthorized parties, fosters data integrity, and allows communicators to interact without leaking sensitive data (TechTarget Contributor, 2021).  A message signature helps proves the identity, prevents text tampering, and reduces risks of altering while in transit. 

How Messages Are Received Using PKI 

The following steps can be taken when receiving messages using public Public Key Infrastructure (PKI):

  • The receiver requires their personal key and the sender’s digital certificate and public key to decrypt the message. 
  • They can retrieve these items from the sender’s server and directory. 
  • The receiver uses a private key to decrypt the information received. 
  • They read the message on the screen following the decryption and verification processes. 

Once the receiver gets the message, they decrypt it using their personal key. They have an option to authenticate the message using the sender’s public key and certificate. 

Only the recipient has the authority to decrypt the message. This restriction allows the message to reach the intended receiver (TechTarget Contributor, 2021).  

The authentication process aids in vouching for the sender and protects the message from any alterations. 

Nessus and How It Works

Nessus is a tool used to scan security vulnerabilities in a network. It utilizes Common Vulnerabilities and Exposures (CVE) architecture to detect vulnerabilities likely to attract malicious attacks (CMU, n.d.).

Scanning ensures that hackers have no room to exploit a network and create damage.   

A running Nessus server is required to perform a scan.  This tool works by testing each computer port and checking and testing the running service to ensure it is risk-free (CMU, n.d.).

Nessus is capable of scanning different categories of vulnerabilities, including software flaws, weak passwords, malware, Denial-of-service (DoS) vulnerabilities, and Misconfiguration errors. It can produce reports in formats like HTML and PDF. Such reports list the vulnerabilities detected and recommend ways to manage them. 

Nessus is among the well-known port scanning tools in the digital sector. 

The technician uses Nessus to scan each computer port and the service running to determine whether it has exploitable vulnerabilities. 

Testing the computer and the running service helps ensure there are no vulnerabilities to exploit. Technicians can use the recommendations highlighted in the Nessus report to take effective interventions, mitigating the risks of future damage by malicious attackers (CMU, n.d.).

Nessus Hosts and Brief Overview of the Host 

Localhost (127.0.0.1) is a good example of a Nessus host.  This host is locally installed on the user’s device. The localhost serves as the local address. 

A technician can use Nessus Professional Edition to perform a local-host scan. 

Since this Nessus server runs locally on port 8834, it is designed to work with https://localhost:8834/. (“How to download and install Nessus on Windows,” 2023).

Nessus Vulnerabilities

Nessus Vulnerabilities are categorized depending on severity. 

These classifications include VPR, VSSv3, CVSSv2, and CVES (Dumont, 2021). 

Red indicates the highest severity (critical), while yellow shows the lowest value (medium).  

The score ranges from 0.1-10.0. 

Significant quantities of vulnerabilities are overwhelming, and technicians struggle to prioritize and manage them. 

VPR-identified vulnerabilities require urgent interventions since they are considered the most critical. 

CVE-2024-0971 – SQL injection that occurs where a genuine attacker can modify database content (Nessus, 2024).

The VPR identifies vulnerabilities that are prevalent in the modern digital landscape and critical to manage (Dumont, 2021). 

The risk of exploitation is directly proportional to the VPR value. 

Vulnerabilities with a critical value need immediate attention since they are more exploitable and pose the highest risks. 

References

Carnegie Mellon University (CMU). (n.d.). Nessus:  A security vulnerability scanning tool. https://www.cs.cmu.edu/~dwendlan/personal/nessus.html   

Cloudflare. (n.d.). What is a cryptographic key? https://www.cloudflare.com/learning/ssl/what-is-a-cryptographic-key/  

Dumont, C. (2021, April 5). Top Ten Vulnerabilities. Tenable. https://www.tenable.com/nessus-reports/top-ten-vulnerabilities  

How to download and install Nessus on Windows? (2023, February 1). GeeksforGeeks. https://www.geeksforgeeks.org/how-to-install-nessus-in-windows/  

IBM. (2023, June 21). Digital certificates. https://www.ibm.com/docs/en/integration-bus/10.0?topic=overview-digital-certificates 

Nessus: Security vulnerabilities, CVEs. (2024). https://www.cvedetails.com/vulnerability-list/vendor_id-12865/product_id-27428/Tenable-Nessus.html    

TechTarget Contributor. (2021). PKI (public key infrastructure). TechTarget. https://www.techtarget.com/searchsecurity/definition/PKI  

What is public key infrastructure (PKI) & how does it work? (2023, June 26). Okta. https://www.okta.com/identity-101/public-key-infrastructure/ 

Tags: steam, tech