Step-by-step setup of Nessus - TUTORIAL
Results 1 to 4 of 4

Thread: Step-by-step setup of Nessus - TUTORIAL

  1. #1
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883

    Step-by-step setup of Nessus - TUTORIAL

    Nessus Installation on Red Hat Linux

    BEFORE WE BEGIN
    ===============================
    I understand that there are many ways to install and configure Nessus. This tutorial covers only one of them. This tutorial makes several assumptions:
    1. You are competent with Windows, Linux and basic networking. If you don’t know how to use command line FTP for example, then this tutorial will be of no use to you.
    2. You have 2 computers, one with a Windows and the other with Red Hat, both in good working order. It also assumes that you have at least one supported compiler such as GCC installed on your Red Hat Box.
    3. This tutorial is written by me with no references or “borrowed” material. If something doesn’t work or something isn’t clear, yell at me because I am 100% responsible.

    GETTING THE SOFTWARE
    ===============================
    First, go to http://nessuswx.nessus.org/archive/n....4-install.exe and download the NessusWX client on to your Windows box. The current version as of this writing is 1.4.4.

    Now, on your Red Hat box, from the directory of your choice, ftp to ftp.nessus.org and login anonymously. Once there, path to /pub/nessus/nessus-2.0.7/nessus-installer/ and download nessus-installer.sh

    INSTALLATION OF THE NESSUS ENGINE
    ===============================
    Now that you have all of the software, it’s time to install. Let’s begin with the Nessus engine because it requires most of the work.

    1. From the directory where you downloaded nessus-installer.sh, simply type: sh nessus-installer.sh. The Nessus installation script will tell you that you need root priviledges to complete the install, press ENTER to continue if you are logged in as root already.
    2. Nessus will ask where you want it installed. /usr/local is the default so just hit ENTER when you see the prompt. At this point, Nessus will tell you that it is ready to compile. Hit ENTER and sit back while it compiles. It will take a little while. When it is finished, you’ll see a screen detailing the next steps. Hit ENTER.
    3. Now, at this point you have to decide if you want Nessus to start up each time you boot your box or if you just want to start it when you feel like it. To start it when you feel like it, use /usr/local/sbin/nessusd –D. If you want to start it automatically when your box boots up, add /usr/local/sbin/nessusd –D & to /etc/rc.local.
    4. Now, decide how you want to handle updating the plugins. You can do it each time the box boots by adding /user/local/sbin/nessus-update-plugins & to /etc/rc.local. You can also copy the nessus-update-plugins script to /etc/cron.daily and it will go out each day and grab the updates.
    5. OK, we now have to generate a certificate so go to /usr/local/sbin/ and type nessus-mkcert. This will prompt you for a bunch of information that you would see when generating any SSL certificate. Answer all the questions.
    6. Now you have to add a user by running nessus-adduser from /usr/local/sbin. When run, provide a login ID of your choice. When it asks for pass or cert, hit ENTER to accept pass as the auth method. When asked for a password, provide it one. Next you will see a blurb about user rules. Simply hit Ctrl – d and Nessus will verify your input. Type in “y” and Nessus will inform you that the user has been added.

    Well now all you have to do is reboot the box to launch Nessus or you need to start the deamon manually as shown in step 3.


    INSTALLATION OF NESSUSWX CLIENT
    ===============================
    OK, now all you have to do is run the installer. On the first screen, click next to continue. Next click the checkbox if you agree to the license, then hit next to continue. The next screen shows the install path, click next to continue. Select Binaries Only, then click next. The next screen names the program group, hit next to continue. It now has all the info to begin installation. Hit next and it will begin. Once this is done, look for the eyeball icon on your desktop. Launch it. It will ask about a nessusdb and all you need to do is say yes to create it.

    OK, now you need to configure a session:
    1) Form the mune pulldowns, select COMMUNICATIONS, then CONNECT. Enter the IP address of your Nessus server then enter the username you created on the Nessus server. You need to use password authentication and it is your choice to save the password or not. Once you do that, hit CONNECT. Accept the certificate however you like (I always do perminant because I trust the source).
    2) From the menu pulldowns, select SESSION then NEW.
    3) This will open a window to enter your list of target hosts. Add your hosts in here.
    4) Now, each tab has tons of options so I will hit on the key ones for now. Hit the portscan tab and enter the range 1-65535.
    5) Hit the plug-ins tab and check “use session specific plugin set”, then hit the select plugins button, then select either all plug-ins (bad idea for a production box that you want to scan) or Non-DOS. Click OK.
    6) Now, right click on your session (green book icon) and select EXECUTE.
    7) On the next pop-up hit the EXECUTE button and you should see your scan underway.

    At this point, you are golden. When the scan is done you can preview it or you can generate a report. I usually select HTML output.

    In conclusion, I left out *tons* of options and configs but this tutorial is only intended to get you scanning. You’ll need to look into the docs to explore all this tool has to offer.

    Happy scanning!

    Oh yeah, if someone spots a mistake, let me know and I’ll fix the tut.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  2. #2
    Senior Member n01100110's Avatar
    Join Date
    Jan 2002
    Posts
    347
    wow TH13. Just what I was looking for ! Im glad you got my pm and I now am working on getting Nessus Underway. Thanks Alot...
    "Serenity is not the absence of conflict, but the ability to cope with it."

  3. #3
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883
    Glad this helps ya out. I did this tut in my five minute "quick and dirty" format so like I mentioned, many details are left unexplained. Once you get the scanner working (which is what the tut will do for you) then you can check out all the options the scanner has to offer.



    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  4. #4
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883
    I just wanted add two quick troubleshooter bullet points as it seems that many folks are running into the same issues with a high degree of frequency.

    1) The nessus-mkcert script bombs out.
    Be sure that your system time and date are accurate. OpenSSL is *very* picky about this.

    2) Nessus complains about missing the sharutils RPM and will not install.
    Mount disk 3 of RH9 and go to the /RedHat/RPMS directory then do:
    rpm -i sharutils-4.2.1-14.rpm

    I plan on doing a pretty thorough troubleshooter tutorial on Nessus but for now this should take care of these two.

    --TH13

    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides