Page 1 of 3 123 LastLast
Results 1 to 10 of 28

Thread: Installing and Using Nessus 4.2.2: The Basics Part 1

  1. #1
    Just burned his ISO
    Join Date
    May 2010
    Posts
    10

    Default Installing and Using Nessus 4.2.2: The Basics Part 1

    Installing and Running Nessus 4.2.2: The Basics

    Nessus is now no longer using the Nessus Client as in previous versions.
    It uses a Web Interface to set up, scan and view reports.

    To download the Nessus package:
    Tenable Network Security

    Choose Linux. > Accept the agreement. > Choose the version that is for your distribution.

    You'll want to choose "Nessus-4.2.2-ubuntu810_i386" if your using Backtrack


    To install:
    Code:
    root@bt~# dpkg --install Nessus-4.2.2-ubuntu810_i386.deb
    Now you will need to add a user to use Nessus:
    Code:
    root@bt~# /opt/nessus/sbin/nessus-adduser
    You are going to enter a login name and then a password for logging in to Nessus:
    Code:
    Login: (type what you want for a name)
    Authentication <enter>
    Login Password: (Create a Password)
    Login Password: (Repeat)
    Do you want this Nessus user to be an "admin" user? yes <Enter>
    (Leave the rules blank) <Enter>
    This user will have "admin" privileges on the Nessus server
    Is this O.K.? Yes <Enter>
    user added
    You will now have to register to get the plugin feed:
    Tenable Network Security

    Accept the agreement. > Enter an E-mail address to recieve a key.
    In the E-mail sent to you will be a path with the key added to it, copy that and paste in console.
    Code:
    root@bt~# /opt/nessus/bin/nessus-fetch --register <your key# here>
    To start the Nessus server:
    Code:
    root@bt~# /etc/init.d/nessusd start
    To stop the Nessus server:
    Code:
    root@bt~# /etc/init.d/nessusd stop
    Now, isn't that simple?

    The Web Interface.

    Remember, there is no longer a Nessus Client.

    Open your favorite browser and type in the address bar:
    Code:
    https://127.0.0.1:8834
    (don't forget the "s" in https)
    Note: If using Firefox with Noscript, make sure you allow the address to view the Nessus Web Interface.

    You will now be shown the login access page.



    Once you have entered your user name and password you will be taken to the Nessus web interface.
    The default view is Reports.

    Before scanning you must configure a few things:
    Click Policies > + Add



    Policies
    1. Enter a Name.
    2. In Port Scanners check all that apply.
    3. In Port Scan Options you can leave it at default or choose a range for faster scanning.
    4. Click Next



    Credentials
    1. Click Next

    JellyBelly
    Last edited by JellyBelly; 06-02-2010 at 06:26 PM.

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: Installing and Using Nessus 4.2.2: The Basics Part 1

    Nice first post. Good share.

  3. #3
    Just burned his ISO
    Join Date
    May 2010
    Posts
    10

    Default Installing and Using Nessus 4.2.2: The Basics Part 2

    Installing and Running Nessus 4.2.2: The Basics Part 2


    Note: Due to the settings in the Forum I had to multi post this How to.



    Plugins
    1. If you know a specific plugin you can filter by name.
    I left it default blank.
    2. Click Enable All
    3. Click Next



    Preferences
    You can leave this default.
    1. Click Submit

    Now we have a policy to run a scan with.



    Now we are ready to Run a Scan against targets.
    Click Scans > + Add



    Launch a Scan
    1. Enter a Name for the network.
    2. Leave type as default "Run Now"
    3. Policy: Choose the policy name from the drop down box you created earlier.
    4. Enter your Scan Targets.
    5. Click Launch Scan

    Thanks Archangel-Amael,

    JellyBelly
    Last edited by JellyBelly; 06-02-2010 at 06:29 PM.

  4. #4
    Just burned his ISO
    Join Date
    May 2010
    Posts
    10

    Default Re: Installing and Using Nessus 4.2.2: The Basics Part 3

    Note: This is the final part to complete the Basics of installing and scanning with nessus.



    scan Status
    1. Give it some time to finish scanning.
    2. Click Reports when finished scanning.
    3. Highlight the report for the network you scanned
    4. Click Browse



    1. Click on the IP you want more info about.



    Oh No!
    There is a vulnerability in BT4 involving Mono and XSS allowing privilege escalation?
    No problem! Nessus offers a solution to fix it.
    The solution is to upgrade to Ubuntu 9.04.



    Happy scanning,

    JellyBelly
    Last edited by JellyBelly; 06-02-2010 at 06:34 PM.

  5. #5
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default Re: Installing and Using Nessus 4.2.2: The Basics Part 1

    Jellybelly, please scale the pictures in your post to a reasonable size or I will be forced to remove them. The pictures are to big and blow out the side of every browser.

  6. #6
    Just burned his ISO
    Join Date
    May 2010
    Posts
    10

    Default Re: Installing and Using Nessus 4.2.2: The Basics Part 1

    Done.

    It was detracting some. I had made a note to fix it.
    Got myself the FF add-on MeasureIt to help me.

    Thanks

  7. #7
    Just burned his ISO SeekNDestroy's Avatar
    Join Date
    Feb 2010
    Posts
    11

    Default Re: Installing and Using Nessus 4.2.2: The Basics Part 1

    Very good post! Thank You!

  8. #8
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    13

    Question Re: Installing and Using Nessus 4.2.2: The Basics Part 1

    JellyBelly
    Thanks for a nice tutorial. I tried installing Nessus on my back|track 4 VM, & also my Ubuntu 10.04 VM. My problem lies with going to the local host address. I can't seem to bring the page up in either of my browsers. What could I be doing wrong?

    And for the record I do have the server running..
    Code:
     /etc/init.d/nessusd start
    And I have changed NoScript to allow the address.

    Any help is greatly appreciated.
    Thanks.

  9. #9
    Member whitelisted's Avatar
    Join Date
    Feb 2010
    Posts
    72

    Default Re: Installing and Using Nessus 4.2.2: The Basics Part 1

    Great post JellyBelly.

    I'd also recommend editing /opt/nessus/etc/nessus/nessusd.conf so that the line "auto_update = yes" is commented, and "listen_address" is set to "127.0.0.1" so as to restrict access to your nessus instance from the network.

  10. #10
    Member macphail's Avatar
    Join Date
    Jun 2010
    Location
    East Coast, USA
    Posts
    164

    Default Re: Installing and Using Nessus 4.2.2: The Basics Part 1

    solid intro to the new interface, jelly.
    thanx!
    -----------
    ~peace
    MacPhail

Page 1 of 3 123 LastLast

Similar Threads

  1. Installing BT3 on the eee 901 with drivers, part I
    By hippocrates in forum OLD Tutorials and Guides
    Replies: 45
    Last Post: 11-02-2009, 01:04 PM
  2. BT3 Tutorial : Installing Nessus 3.2.0
    By williamc in forum OLD Tutorials and Guides
    Replies: 48
    Last Post: 01-20-2009, 08:35 PM
  3. Installing Nessus 3.0.6
    By elazar in forum OLD Tutorials and Guides
    Replies: 67
    Last Post: 03-31-2008, 07:18 AM
  4. Installing and running Nessus
    By Stitchup in forum OLD Tutorials and Guides
    Replies: 5
    Last Post: 03-01-2008, 02:29 PM
  5. Help installing Nessus on BT2 Final
    By michelinok in forum OLD BackTrack v2.0 Final
    Replies: 5
    Last Post: 05-29-2007, 02:08 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •