Nessus 3.0.6 fresh installation on BT2 final HOWTO
This HOWTO is based on macamba installation guide (thanks man!) but I have tested it with version FedoraCore 5 (available on Nessus site) and without previous version of nessus installed before.
- Back|Track needs to be installed on harddisk
- you should be logged as root.
- Previous version of Nessus IS NOT REQUIRED
Download the following packeges from Nessus.org to /tmp on your harddisk:
- Nessus-3.0.6-fc5.i386.rpm (server)
- NessusClient-1.0.2.tar.gz (client source code)
- nessus-libraries-2.2.10.tar.gz (nessus libs are required)
Step 2: Install Nessus 3.0.6
Convert the server packege to .tgz with the following command:
- cd /tmp
- rpm2tgz Nessus-3.0.6-fc5.i386.rpm (now you have Nessus-3.0.6-fc5.i386.tgz in /tmp)
- gzip -d Nessus-3.0.6-fc5.i386.tgz
- cd / (root dir)
- tar -xvf /tmp/ Nessus-3.0.6-fc5.i386.tgz
Step 3: Install NessusClient 1.0.2
- cd /tmp
- tar -xvf /tmp/NessusClient-1.0.2.tar.gz
- cd NessusClient-1.0.2/
- make install (the following message appears " NessusClient has been sucessfully installed")
Step 4: Install Nessus libraries
- cd /tmp
- gzip -d nessus-libraries-2.2.10.tar.gz
- tar -xvf nessus-libraries-2.2.10.tar
- cd nessus-libraries-2.2.10
- make install
Step 5. Copy Nessus lib
- cp /opt/nessus/lib/* /lib
Step 6: Configure Nessus
- check with the $PATH command if "/opt/nessus/bin" and "/opt/nessus/sbin" are configured
- if not, add manually "/opt/nessus/bin" and "/opt/nessus/sbin" in "/etc/profile" or simply do "PATH=$PATH:/opt/nessus/sbin:/opt/nessus/bin:" (system restart is not required)
- cp /usr/lib/libssl.so /lib
- cp /usr/lib/libcrypto.so /lib
- cd /lib
- /opt/nessus/sbin/nessus-mkcert (this command produce error message that some version of libcrypto.so.X is required – it can be libssl.so.5 or so.6)
- “ln libssl.so libssl.so.X”
- “ln libcrypto.so libcrypto.so.X”
Step 7: Create certificate and user
- cd /opt/nessus/sbin
- nessus-mkcert: <enter through>
Login : your user
Authentication (pass/cert) [pass] : pass
Login password : your password
Login password (again) : confirm your password
- the following message appears: "Enter the rules for this user, and hit ctrl-D once you are done : (the user can have an empty rules set)"
- Is that ok ? (y/n) [y] y
Step 8: Update plugins
- go to Nessus site, REGISTER section, then click accept and use your email to get activation code.
- run '/opt/nessus/etc/nessus/nessus-fetch XXX-YYY-ZZZ-VVV'
Step 9: Run Nessus
- nessusd (-D is option to run daemon)
Thanks, A few things were different than the Tutorial, but I figured it out no prob. (like a file ending up TAR instead of tar.gz) So most of the commands are copying and paste (the best kind!) but not all. It helps the learning go faster though!
Thanks for the tutorial, very helpful. I think that this tutorial should have the few minor errors fixed up and replace the old nessus install tutorial on the howto: section of the wiki.
Yeah, that's what I was thinking. Can't remember what the problems were now though. I think the directories were off a little. a quick search in BT2 revealed where it was though. I think that was all. Also, I dont believe my Nessus daemon starts when the computer does, I have to manually start it by typing..
but, I could also be retarded too!