Nessus 3.0.6 fresh installation on BT2 final HOWTO

[bzdziagwa]

This HOWTO is based on macamba installation guide (thanks man!) but I have tested it with version FedoraCore 5 (available on Nessus site) and without previous version of nessus installed before.

Prerequisities:
- Back|Track needs to be installed on harddisk
- you should be logged as root.
- Previous version of Nessus IS NOT REQUIRED

Step 1:
Download the following packeges from Nessus.org to /tmp on your harddisk:
- Nessus-3.0.6-fc5.i386.rpm (server)
- NessusClient-1.0.2.tar.gz (client source code)
- nessus-libraries-2.2.10.tar.gz (nessus libs are required)

Step 2: Install Nessus 3.0.6
Convert the server packege to .tgz with the following command:
- cd /tmp
- rpm2tgz Nessus-3.0.6-fc5.i386.rpm (now you have Nessus-3.0.6-fc5.i386.tgz in /tmp)
- gzip -d Nessus-3.0.6-fc5.i386.tgz
- cd / (root dir)
- tar -xvf /tmp/ Nessus-3.0.6-fc5.i386.tgz

Step 3: Install NessusClient 1.0.2
- cd /tmp
- tar -xvf /tmp/NessusClient-1.0.2.tar.gz
- cd NessusClient-1.0.2/
- ./configure
- make
- make install (the following message appears " NessusClient has been sucessfully installed")

Step 4: Install Nessus libraries
- cd /tmp
- gzip -d nessus-libraries-2.2.10.tar.gz
- tar -xvf nessus-libraries-2.2.10.tar
- cd nessus-libraries-2.2.10
- ./configure
- make
- make install

Step 5. Copy Nessus lib
- cp /opt/nessus/lib/* /lib

Step 6: Configure Nessus
- check with the $PATH command if "/opt/nessus/bin" and "/opt/nessus/sbin" are configured
- if not, add manually "/opt/nessus/bin" and "/opt/nessus/sbin" in "/etc/profile" or simply do "PATH=$PATH:/opt/nessus/sbin:/opt/nessus/bin:" (system restart is not required)
- cp /usr/lib/libssl.so /lib
- cp /usr/lib/libcrypto.so /lib
- cd /lib
- /opt/nessus/sbin/nessus-mkcert (this command produce error message that some version of libcrypto.so.X is required – it can be libssl.so.5 or so.6)
- “ln libssl.so libssl.so.X”
- “ln libcrypto.so libcrypto.so.X”


Step 7: Create certificate and user
- cd /opt/nessus/sbin
- nessus-mkcert: <enter through>
- nessus-adduser
Login : your user
Authentication (pass/cert) [pass] : pass
Login password : your password
Login password (again) : confirm your password
- the following message appears: "Enter the rules for this user, and hit ctrl-D once you are done : (the user can have an empty rules set)"
- ctrl-D
- Is that ok ? (y/n) [y] y

Step 8: Update plugins
- go to Nessus site, REGISTER section, then click accept and use your email to get activation code.
- run '/opt/nessus/etc/nessus/nessus-fetch XXX-YYY-ZZZ-VVV'

Step 9: Run Nessus
- nessusd (-D is option to run daemon)
- NessusClient

[imported_spankdidly]

Thanks, A few things were different than the Tutorial, but I figured it out no prob. (like a file ending up TAR instead of tar.gz) So most of the commands are copying and paste (the best kind!) but not all. It helps the learning go faster though!

[-`Joseph`-]

Thanks for the tutorial, very helpful. I think that this tutorial should have the few minor errors fixed up and replace the old nessus install tutorial on the howto: section of the wiki.

[imported_spankdidly]

Yeah, that's what I was thinking. Can't remember what the problems were now though. I think the directories were off a little. a quick search in BT2 revealed where it was though. I think that was all. Also, I dont believe my Nessus daemon starts when the computer does, I have to manually start it by typing..

/usr/local/sbin/nessusd -D

but, I could also be retarded too!