[ What's Nessus? ]
Nessus is a vulnerability scanning tool.
It ships with more than 40,000 plugins that are used during scanning.
New plugins are fed to your local Nessus installation, so you can assess newly published vulnerabilities.
With Nessus you can assess whether your machine has vulnerabilities or not.
[ Install Nessus on Ubuntu 11.04 64bit ]
1. Download Nessus.
There is no Ubuntu 11.04 deb package, so I used the Ubuntu 10.10 deb package:
Nessus-4.4.1-ubuntu1010_amd64.deb
2. Install Nessus.
    # dpkg -i Nessus-4.4.1-ubuntu1010_amd64.deb
    Processing the Nessus plugins...
    [##################################################]
    All plugins loaded
     - Please run /opt/nessus/sbin/nessus-adduser to add a user
     - Register your Nessus scanner at http://www.nessus.org/register/ to obtain all the newest plugins
     - You can start nessusd by typing /etc/init.d/nessusd start
3. Add a user.
    # /opt/nessus/sbin/nessus-adduser
This account is used to log in to the GUI.
4. Register a key.
You can obtain a key at http://www.nessus.org/register/
Activate the account with the key:
    # /opt/nessus/bin/nessus-fetch --register XXXX-XXXX-XXXX-XXXX-XXXX
    Your activation code has been registered properly - thank you.
    Now fetching the newest plugin set from plugins.nessus.org...
    Your Nessus installation is now up-to-date.
    If auto_update is set to 'yes' in nessusd.conf, Nessus will update the plugins by itself.
You can fetch new plugins at any time:
    # /opt/nessus/sbin/nessus-update-plugins
    Fetching the newest updates from nessus.org...
    Done. The Nessus server will restart when its scans are finished
Plugins are stored under the /opt/nessus/lib/nessus/plugins directory.
5. Start Nessus.
    # /etc/init.d/nessusd start
nessusd listens on TCP port 8834 by default.
    # lsof -ni:8834
    COMMAND PID  USER FD TYPE DEVICE SIZE/OFF NODE NAME
    nessusd 9643 root 8u IPv4  13530      0t0  TCP *:8834 (LISTEN)
6. Access Nessus with a web browser.
https://127.0.0.1:8834
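As an added example (not from the original post), a small POSIX shell script that checks the two things the install steps leave behind: whether nessusd is bound to all interfaces on TCP 8834 (the default, which exposes the web UI to the whole network) or only to loopback, and whether the plugin directory was actually populated. The lsof sample inside is constructed; NESSUS_PORT and NESSUS_PLUGIN_DIR are just the defaults the post names.

```shell
#!/bin/sh
# Added example, not part of the original post: two post-install checks for
# nessusd. Assumes the defaults the post names (TCP 8834, plugins under
# /opt/nessus/lib/nessus/plugins); SAMPLE_LSOF is constructed, modelled on
# the post's "lsof -ni:8834" output.

NESSUS_PORT=8834
NESSUS_PLUGIN_DIR=/opt/nessus/lib/nessus/plugins

# Constructed sample of "lsof -ni:8834" output (same shape as in the post).
SAMPLE_LSOF='COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nessusd 9643 root 8u IPv4 13530 0t0 TCP *:8834 (LISTEN)'

# listen_scope PORT LSOF_OUTPUT
# Prints how nessusd is bound on PORT:
#   all-interfaces  bound to *:PORT, so the web UI is reachable from the network
#   loopback        bound to 127.0.0.1:PORT only
#   not-listening   no nessusd LISTEN line (daemon not started or other port)
listen_scope() {
    port="$1"
    line=$(printf '%s\n' "$2" | grep '^nessusd ' | grep 'LISTEN' | head -n 1 || true)
    case "$line" in
        "")                    echo not-listening ;;
        *"*:$port "*)          echo all-interfaces ;;
        *"127.0.0.1:$port "*)  echo loopback ;;
        *)                     echo other ;;
    esac
}

# plugin_count DIR
# Prints the number of .nasl plugin files under DIR (0 if DIR is missing):
# a quick sanity check that the plugin feed really populated the directory.
plugin_count() {
    if [ -d "$1" ]; then
        find "$1" -name '*.nasl' 2>/dev/null | wc -l | tr -d ' '
    else
        echo 0
    fi
}

# Stand-alone run: classify the constructed sample, then check the live box
# (lsof is optional; the live check is skipped when it is not installed).
echo "sample: nessusd is $(listen_scope "$NESSUS_PORT" "$SAMPLE_LSOF")"
if command -v lsof >/dev/null 2>&1; then
    live=$(lsof -ni:"$NESSUS_PORT" 2>/dev/null || true)
    echo "live:   nessusd is $(listen_scope "$NESSUS_PORT" "$live")"
fi
echo "plugins in $NESSUS_PLUGIN_DIR: $(plugin_count "$NESSUS_PLUGIN_DIR")"
```

If the live check reports all-interfaces, restrict who can reach port 8834 (host firewall) unless the UI is meant to be reachable from the network.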
[ Let's use Nessus ]
Scan a remote CentOS machine.
Nessus machine: 192.168.10.15
Target machine: 192.168.10.11
1. Create a scanning policy.
GUI -> Policies -> Add
The policy name is "test scan".
Credentials settings:
Set up the remote machine's SSH login credentials.
Select the plugins you want to scan with.
Click the button for what you want to scan.
2. Create a scan target.
GUI -> Scans -> Add
Set up the target machine's IP and select the scan policy (test scan).
Now scanning.
Done!
You can download the results in several formats.