Windows Articles

Linux Articles

Nessus Articles

 

The following article describes how to install;

Nessus 3.0.3

These instructions are taken from an email I sent a colleague, I will be updating it with screenshots in the very near future...

Step 1. Download the RPM from Tenable's website

Step 2. Logon as Root, Nessus in the 3.0 tree needs to install the service, and run with administrative privleges in order to provide raw packet writing access required by its security checks.

Step 3.

Logon to your Linux install as

Root, then go to

Nessus.org > Download

Nessus 3.0.3 for Linux > Accept > Fill in the Registration

Check the "Internal Use" box... > Check - Do not contact me (or whatever you prefer)

For you click the link next to "Fedora Core 5" this will give you an RPM package to install in Linux

Download the file, probably it will go to your Desktop

Look for the Download Link at the top left of the page, click it

Now under downloads, select NessusClient 1.0.0RC5 Client for Nessusd

Accept, select the one next to Fedora Core 5 and it should give you another rpm file

When these finishes downloading, open a Terminal (Linux Command Prompt)

usually Windows command prompt starts in C:, in Linux if you are logged on as Root it will start in the 'Root's' Home directory, inside that directory is a 'Desktop' folder, just like Windows users each have their own Desktop folder.

type 'ls' without the quotes, this gives you a 'listing' of your Root's Home folder like typing DIR in Windows

One of the things in your listing should be 'Desktop'

type 'cd Desktop' this like in Windows 'changes the directory' to Desktop

type 'ls' to get a listing of things on the 'Desktop' one of them should be;

Nessus-3.0.3-fc5.i386.rpm

type 'rpm -i Nessus-3.0.3-fc5.i386.rpm'

Listing of Root's Desktop

This runs the RPM program to 'Install' the Nessus package, follow the prompts and answer all the questions, the defaults are usually fine, setup a nessus user

Adding the Nessus User - Auditor

I'll use 'auditor' here, but anything can work

Choose a Nessus Authentication Type

In choosing the type of authentication for the Nessus server, Certificates are fine, but I like to use passwords, which is the default. Defaults are always presented in Brackets [ ] to the right, if you're okay with password based authentication just hit Enter. Type a password for the user, and retype the password to make sure the you didn't mistype it, the adduser script doesn't give you any asteriks as feedback when you type.

Defining Rules for the UserHere you define any rules for the user, some users might not need to be able to scan every IP in your network, or you might not trust the junior admin with the right to use 'destructive testing' on your production network. If you don't want to set any rules hit Ctrl-D and we're done.

Adduser script is complete

You'll need to register Nessus, they will send the registration link to the email you register with, there should be commands for registering the Nessus server, registering is important because you can't get updated plugins for the scanner without a registered feed.

Register your copy of Nessus

When you run the registration, Nessus should pull the latest updates, and tell you that Nessus will pull its own updates every 24 hours from now on.

Nessus installs as a service and runs in the background now, so Nessus should always be running, if you look closely at the service start up on your next boot, you might see Nessus starting up and loading plugins.

To update plugins manually;

type '/opt/nessus/sbin/nessus-update-plugins' and hit enter

This will run for a few minutes and won't give you any feedback until it is done, there should be some network activity, and when it is complete you should have a fully up to date install of Nessus.

Install the Nessus Client

type 'rpm -i NessusClient-1.0.0.RC5-fc5.i386.rpm' this Installs the NessusClient, the GUI you will run your scans from.

type 'NessusClient &'

Load the Nessus Client

The GUI looks like this

Nessus Client GUI - No Modifications

Click File > Scan Assistant

Nessus Scan Assistant - Setup your Scanner

Task is just a name use the Client/Company's name if that's easier to track for you

Select a Scope

Scope is an easy place to break down internal scans from external scans, or servers from workstations

Pick your Scan Targets

Targets is individual IPs, ranges of IPs, or a text file with the IPs in it, you can connect multiple IPs or ranges with a comma.

Click Execute to begin

Execute brings you to the logon screen

The Login Screen

The first two blanks Hostname and Port should be Localhost and 1241, login and password should be those for the nessus user you created earlier, click Ok to logon to the Nessus server

If you have never logged into this server before, you have to configure your SSL Security Level.

Choose your SSL Paranoia Level

You will be presented with a Security Certificate from the Nessus Server

Nessus Security Certificate

Click Yes if you accept.

Nessus Server sends copies of the Plugins to the Client

The Client recieves all the plugins from the Nessus Server.

The Nessus Scan begins

The scan should start immediately after that, and you can see the Portscan bar progress, this is like an Nmap scan going on, then the vulnerability checks will occur. By default Nessus runs all of the safe checks it has for any of the open ports that it found, this is a pretty smart default, and you'll have to learn more about Nessus to really use much more.

The default scan is fine for many purposes, we'll go into more configuration details and how to interpret scan results in other articles.

When the scan completes you will be back in the GUI with a report under your Scope, and results pane over on the right.

Email Address