Download the Windows Nessus client from http://nessuswx.nessus.org/. The download is a zip file. Extract all the contents of the zip file into a directory.
Download the Virtual PC images that I made for cs216:
http://www.cs.csubak.edu/~mdanfor/cs216/vm.html
Unzip each image file. You may only be able to work with one image at a time depending on the space available on the D: drive.
When running scans, run them against your own machine or machines in the lab and leave the default option to only run safe checks enabled. The scan usually takes 5-10 minutes per machine. When it is done, the Linux client pops up a report. The Windows client has a button to click to get the report.
First just start the virtual machines with their default daemons as they were configured in the zip file and scan the machine. Next try enabling various daemons and rescan the machine. How does enabling daemons change the report?
Next, run "tcpdump -p -n -XX" on the machine being scanned and see what data is sent during the scan. If there is too much chatter from other machines (-p should prevent promiscuous mode, but Windows machines are known for having broadcast chatter), you can restrict tcpdump to just your machine's IP using the "host <IP>" option to tcpdump. What do you see from the tcpdump of the scans?
Try this for both the Slackware and Debian images provided. Write a brief summary of what daemons you enabled and answer the above questions. Email that to my Helios account.