Campus Website Security Vulnerability Analysis Using Nessus

Muhammad Abdul Muin, Kapti Kapti, Tri Yusnanto

Abstract

Agencies or organizations are competing to create websites for their agencies, where this website to make work easier or disseminate information to the public in this study is a college or campus website. With this website, many people access it, so there is a possibility of security holes, which can be exploited by irresponsible people. So that data can be manipulated, retrieved or otherwise to the detriment of one-sided or several parties. For this reason, we tried to analyze the vulnerability of a website using a software called Nessus. From the results of the scan, it was found that several vulnerabilities were found from each website with different vulnerability levels. Of the 3 websites that have the most vulnerabilities, web 1 is 14. Meanwhile, the vulnerability at the medium level is on web 2, which is 22%. For the vulnerability lies in a weak DNS Server.

Full Text:

PDF

References

W. Wardana, A. Almaarif, and A. Widjajarto, “Vulnerability assessment and penetration testing on the xyz website using NIST 800-115 standard,” J. Ilm. Indones., vol. 7, no. 1, pp. 520–529, 2022.

N. Huss, “How Many Websites Are There in the World?,” siteefy.com, 2022. [Online]. Available: https://siteefy.com/how-many-websites-are-there/#:~:text=Currently%2C there are around 1.18 billion websites in the World.

I. G. N. Mantra, M. S. Hartawan, H. Saragih, and A. A. Rahman, “Web vulnerability assessment and maturity model analysis on Indonesia higher education,” in Procedia Computer Science, 2019, vol. 161, pp. 1165–1172.

S. Ariyani, “ATCS System Security Audit Using Nessus,” J. Inf. Eng. Appl., vol. 7, no. 3, pp. 24–27, 2017.

S. Chimmanee, T. Veeraprasit, K. Sriphaew, and A. Hemanidhi, “A Performance Comparison of Vulnerability Detection between Netclarity Auditor and Open Source Nessus,” Recent Adv. Commun. Circuits Technol. Innov., pp. 280–285, 2012.

R. Kushe, “COMPARATIVE STUDY OF VULNERABILITY SCANNING TOOLS: NESSUS vs RETINA,” Int. Sci. J. "Security Futur., vol. YEAR I, no. 2, pp. 69–71, 2017.

I. Chalvatzis, “Reproducible modelling and simulating security vulnerability scanners evaluation framework towards risk management assessment of small and medium enterprises business networks,” Indian J. Sci. Technol., vol. 13, no. 37, pp. 3910–3943, Oct. 2020.

I. Kamilah and A. Hendri Hendrawan, “Analisis Keamanan Vulnerability pada Server Absensi Kehadiran Laboratorium di Program Studi Teknik Informatika,” in Prosiding Semnastek, 2019, vol. 16, no. 0, pp. 1–9.

Tenabel, “Nessus 8.14.x User Guide,” 2022. [Online]. Available: https://docs.tenable.com/nessus/8_14/Content/PDF/Nessus_8_14.pdf.

Refbacks

  • There are currently no refbacks.