Faced with the proliferation of terminals, it is not always easy to find the weak link in your network. Here are two softwares that allow you to see more clearly.
If you have a lot of devices and connected objects at home, it would be interesting to know if one of these devices does not represent a risk for your IT security. To find out, you have to do a network vulnerability audit. We offer you two methods. The first, based on Bitdefender Home Scanner, is quick and easy. The second, based on Nessus Home, is a bit more complex, but also more comprehensive.
Method 1: Bitdefender Home Scanner
Download the Bitdefender Home Scanner installation executable on the publisher’s website or on 01net.com. Once the installation is complete, launch the software. This will then ask you if the network to which your computer is connected is your home network. Confirm and run the vulnerability scan, which will take a few minutes. Once the scan is complete, the software will list all the devices connected to your network, sorted by IP address. It will indicate for each of them whether it has found a potential risk or not.
In the case of a potential risk, you can then click on the arrow to the right and get more detailed information about the equipment in question and the potential vulnerability detected. If necessary, Bitdefender Home Scanner will give you advice on how to fill this gap. Usually, this will involve changing a password or updating the equipment system.
Method 2: Nessus Home
Nessus is a professional vulnerability scanner that can be activated with a free “Home” license, limited to 16 connected devices. To download it, you must first obtain a license key on the Nessus website, by giving a name and an email address. The software download is done on another page. Choose the version corresponding to your operating system, download it and start the installation. Depending on the machine configuration, Nessus will install one or more additional software to help it perform its scans. So, on Windows, it will install the WinPCap packet capture software.
Once the installation is complete, you are prompted to log into the Nessus administration interface, which runs on a local web server. This requires accepting a security exception related to the Nessus self-signed SSL certificate. Have no fear, it’s completely risk-free.
Then, all you have to do is create a local account to finally access the administration interface. Then click on ” Create a new scan “, Then on” Basic Network Scan “.
You then arrive on a form in which all you have to do is fill in the “Name” and “Targets” fields. For the first one, you can put whatever you want. For the second, you must indicate the IP address field of your local network, for example 192.168.0.0/24.
Finding this address field is not very complicated. Click on the Windows menu, type “cmd” in the search field, run the cmd.exe software, and type the command “ipconfig”. You will then know the local IPv4 address of the machine, and also discover the first three numbers of IP. On Nessus, in order to scan over the entire address field, all you have to do is replace the last digit with 0 and add “/ 24”.
Save your scan configuration, then click the small arrow to start the scan. This will be significantly longer than for Bitdefender Home Scanner. Will you have a little coffee and come back later.
Once the analysis is complete, the software will list all the potential vulnerabilities, classified by IP addresses or by level of criticality. Here again, it will be possible to have detailed information on the equipment, the flaws found and the solutions to be implemented. You will notice that these are much more precise, but also much more technical. Click on ” Vulnerabilities To find the most serious flaws first. You can then click on each element that poses a problem: Nessus will then give you a complete description of the flaw and, if necessary, offer you a solution to remedy it.
Final remark
The two methods do not necessarily give the same results. This is normal, because vulnerability analysis is not an exact science. Some scanners are more effective than others for certain vulnerabilities. In addition, their lists of flaws may contain false positives, that is to say flaws that do not actually exist. This is why it is always necessary to check on the equipment in question if the flaw really exists.