Wednesday, June 27, 2007

Nessus Installation and Configuration

Nessus is a vulnerability scanner composed of two parts: the server (nessusd) and the client frontend.
The first step is to install the server and the client with the following commands:


# apt-get install nessusd

# apt-get install nessus


Now you need to add a user to Nessus, or else the client won't connect to the server, even if you try the login and password of your account on the machine where the server is installed.


# sudo nessus-adduser

Password:
Using /var/tmp as a temporary file holder
Add a new nessusd user
----------------------

Login : my_login
Authentication (pass/cert) [pass] :
Login password :
Login password (again) :
User rules
----------
nessusd has a rules system which allows you to restrict the hosts
that my_login has the right to test. For instance, you may want
him to be able to scan his own host only.
Please see the nessus-adduser(8) man page for the rules syntax

Login : my_login
Password : ***********
DN :
Rules :

Is that ok ? (y/n) [y] y
user added.



At the "Authentication (pass/cert) [pass] :" prompt just press Enter to keep password authentication.
Now you just need to start the Nessus server with the following command:


# /etc/init.d/nessusd start


And start the client with:


# nessus


Enter the login and password you added before, select the plugins you want to use in the vulnerability scan, enter the target of the scan and press "Start the scan".
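The nessus-adduser output above mentions the per-user rules system that limits which hosts a login may scan. The following helper is an added example (not part of the original post) that builds such a rules block for one or more networks using the accept/deny/default syntax of nessus-adduser(8), which the transcript points to; the output is what you paste at the "Rules :" prompt so that the scanning account can only reach the networks you list.

```shell
#!/bin/sh
# Added example: generate a least-privilege rules block for a nessusd user.
# Syntax (accept NET, deny NET, default accept|deny) is taken from the
# nessus-adduser(8) man page referenced in the post; the networks below are
# whatever you pass on the command line.
set -eu

# valid_cidr ADDR[/PREFIX]: accept only dotted-quad IPv4 with an optional
# prefix length of 0-32, and refuse octets above 255.
valid_cidr() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$' || return 1
    for octet in $(echo "${1%%/*}" | tr . ' '); do
        [ "$octet" -le 255 ] || return 1
    done
}

# build_rules NET [NET...]: print one "accept" line per network, then
# "default deny" so nessusd refuses any target not explicitly listed.
# Returns 1 (and prints nothing useful) on the first malformed network.
build_rules() {
    [ "$#" -gt 0 ] || { echo "usage: build_rules NET [NET...]" >&2; return 1; }
    for net in "$@"; do
        valid_cidr "$net" || { echo "bad network: $net" >&2; return 1; }
        echo "accept $net"
    done
    echo "default deny"
}

# Usage: build_rules 192.168.1.0/24 10.0.0.5 > my_login.rules
```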
