-
August 27th, 2004, 03:28 AM
#1
nessus questions
I was gonna try messing around with nessus (scanning my comp, etc.), but I am a little confused about some things. What's with it having the client side and server side? I thought you were supposed to put nessusd on the target, but then I read something about having to have a unix server for the server side (how do I get access to that? would a shell account work?). I'm trying to figure out how you're supposed to use it; can somebody just give me a little walkthrough on scanning my own network or something? (I could only find installation instructions on Google.)
-
August 27th, 2004, 04:24 AM
#2
You have to have the nessus daemon (nessusd) installed on a *nix box.
You then connect to it via the nessus client, either on *nix or on win32.
You can't use the nessus client if you don't have access to a *nix box because you need to run nessusd and nessusd will only run on *nix. (you know you like that hell of a long run-on sentence...)
If you don't have a *nix box, then look into a live distro... such as knoppix-std.
I don't think that many people will give you access to theirs because it can be misused...
We have plenty of people here who have a *nix box that can scan your box for you.
You just have to find someone who is willing and you also have to prove to them (somehow) that it is indeed your box they are scanning.
If you are behind a firewall with multiple PCs, then they can only scan your router or whatever you have forwarded on from your router to your internal network.
Hope that clears things up a bit?
http://www.nessus.org/documentation.html
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you've saved, how much you haven't smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
August 27th, 2004, 04:53 AM
#3
Member
phishphreek has it summed up pretty well...
NessusD is the server portion and can only be installed in a *nix environment... after you have the server portion set up you connect to it with the client... the server portion has all of the plugins (scripts) that do the testing.
Do you have VM Ware by chance?
A cool way of doing it is firing up Daemon Tools and loading a linux live CD (ISO) as a virtual drive... then you set that up as a device in the virtual machine.. boot from the virtual CD in the virtual machine and poof.. you're running your windows box and the live CD at the same time... these live CDs have nessus precompiled/installed and you just launch it from X.
I really suggest you do the scanning yourself as getting someone else to do it for you earns you nothing in the way of knowledge. (Other than some insight on your machine's vulnerable services)... you're already skipping a LOT of steps by using a live CD. Knoppix-STD is a GREAT option but there are others... google linux live CDs for more info.
[Off Topic]
Hey phisphreek.. did you catch the last show in Coventry? We walked for about 10 miles on Saturday morning to get there... well worth the work ...camped right on shakedown alley too.
[/Off Topic]
Dyn/Gnosis ~ Powerful/Knowledge
www.Dyngnosis.com
Tutorials - Site Penetration Logs - (TheCommunity)Forums - Toolss
-
August 27th, 2004, 05:54 AM
#4
Phonedog911
Nessus is a pretty good scanner once you get it going - server/client as was mentioned by our cohorts. And ^5 to them for knoppix!
Well I'll see if I can sneak in some of the options before someone else posts them. These should get you started assuming you config’d it and it works.
To get it going in sorta normal mode on the Server, on a terminal type: ./nessusd -D
Here’s the syntax for some options:
nessusd [ -v ] [ -h ] [ -c ] [ -a ] [ -p ] [ -D ] [ -d ]
meaning:
-c: use another config file other than the default /usr/local/etc/nessusd.conf
-a: instructs the server to monitor a specific IP address (example: -a 192.168.4.6)
-p: instructs the server to monitor another port other than the default port of 1241 (example: -p 1234)
-D: instructs the server to run in the background
-d: server to dump compile opts
-v: will exit after posting version #
-h: list commands
Here’s an example: nessusd -a 192.168.4.6 -p 1234 -D
To use the Client GUI: navigate to /usr/local/bin/
Then at a term prompt, type: ./nessus
Some normal options:
nessus [ -hnv ] [ -V ] [ -T ]
-h: displays help
-n: without pixmaps
-T: formats output; ‘text’ , ‘html’ etc
-v: version
-V: displays progress/status messages to screen
Well hope that helps some.
cheers
Connection refused, try again later.
-
August 27th, 2004, 12:43 PM
#5
What about the "points of view"? How are those created? Do you put multiple instances of nessusd in strategic places? The docs talk about "blind scans" and some other stuff involving this.
-
August 27th, 2004, 02:22 PM
#6
Member
Perhaps you could reference where you see the term 'points of view' ...I'll make my best guess.
Points of view could represent vulnerability from different access points. Access from the LAN could be one... visibility from the internet could be another?
hrmm.. that's my best guess until I get a reference.
Dyn/Gnosis ~ Powerful/Knowledge
www.Dyngnosis.com
Tutorials - Site Penetration Logs - (TheCommunity)Forums - Toolss
-
August 27th, 2004, 02:30 PM
#7
dynagnosis great guess!
When they are talking about the “points of view”, they are generally discussing how much information you have about the computer on your network that you are going to scan. It could also include the location from which you are conducting the scan.
Examples:
A blind scan from the Internet to your end node in which you only have minimal information about the end node on your network. Obviously you must have the IP Address.
Scanning from your office in which you have full admin knowledge about the end node.
Of course you could also consider a blind scan from your office’s trusted network, as a “point of view” as well.
"do you put multiple instances of nessusd in strategic places?"
That would really depend on your network topology. Nessusd = Server Daemon
Some folks get really hot, and of course it’s not ethical to scan someone not part of your network. Just remember that scanning from the internet is assholic at the least, your scans must be of your own network.
Connection refused, try again later.
-
August 27th, 2004, 04:52 PM
#8
The daemon on the nix box is what does the scanning, so you would put nessusd inside your trusted network or w/e and scan from there to get that point of view, right?
-
August 27th, 2004, 05:16 PM
#9
Member
Incorrect... the nessus client does the scanning. The client connects to the daemon to get information on how and what to scan. [The plugins tab]
Just put the nessusd on the same machine as the nessus client. The Knoppix-STD, l.a.s, and other linux live CDs all have them (both) installed and configured to work out of the box.
Your 'point of views' are from the scanning machine.. what does my machine look like from when scanning from a VPN? when directly attached to the net? behind a firewall? DMZ?
Dyn/Gnosis ~ Powerful/Knowledge
www.Dyngnosis.com
Tutorials - Site Penetration Logs - (TheCommunity)Forums - Toolss
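An added example, not part of any post in this thread: one way to compare two "points of view" of your own host is to diff the saved results of a scan run from inside the LAN against one run from outside the router. It assumes the reports were exported in Nessus's pipe-delimited NBE text format (not mentioned in the thread); the sample lines, plugin IDs, the 203.0.113.10 outside address and the function names are all constructed for illustration.

```python
# Compare scan findings from two vantage points (added example).
# Assumed NBE line layout: results|subnet|host|port|plugin_id|severity|description
# A bare 4-field "results" line only records that the port was seen open.

LAN_SCAN = """\
timestamps|||scan_start|Fri Aug 27 14:00:00 2004|
results|192.168.4|192.168.4.6|ssh (22/tcp)
results|192.168.4|192.168.4.6|ssh (22/tcp)|90001|Security Note|constructed finding
results|192.168.4|192.168.4.6|http (80/tcp)|90002|Security Note|constructed finding
results|192.168.4|192.168.4.6|netbios-ssn (139/tcp)|90003|Security Warning|constructed finding
"""

# Same machine scanned from outside the router, where only port 80 is forwarded.
WAN_SCAN = """\
timestamps|||scan_start|Fri Aug 27 15:00:00 2004|
results|203.0.113|203.0.113.10|http (80/tcp)|90002|Security Note|constructed finding
"""


def parse_nbe(text):
    """Return {port_label: set of (plugin_id, severity)} from NBE result lines."""
    findings = {}
    for line in text.splitlines():
        fields = line.split("|")
        if fields[0] != "results" or len(fields) < 4:
            continue  # skip timestamps and malformed lines
        entry = findings.setdefault(fields[3], set())
        if len(fields) >= 6:  # full finding line: keep plugin id and severity
            entry.add((fields[4], fields[5]))
    return findings


def compare_views(inside, outside):
    """Group port labels by which point of view reported them."""
    return {
        "exposed": sorted(set(inside) & set(outside)),        # reachable from both
        "internal_only": sorted(set(inside) - set(outside)),  # filtered at the edge
        "outside_only": sorted(set(outside) - set(inside)),   # worth investigating
    }


if __name__ == "__main__":
    views = compare_views(parse_nbe(LAN_SCAN), parse_nbe(WAN_SCAN))
    for name, ports in views.items():
        print(f"{name}: {', '.join(ports) or '-'}")
```
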
-
August 27th, 2004, 05:48 PM
#10
If you don't have "affinity" with linux, you can try this http://www.phlak.org it has all tools, including nessus.
My site
FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
If I die before I sleep, I pray the Lord my soul to encrypt. If I die before I wake, I pray the Lord my soul to brake.