An Introduction to Nessus
At first, I intended just to download and install Nessus, do a quick scan of my systems, and be on my merry way, safer and a little more secure, just like I would do with Nmap, the excellent port scanner from insecure.org. But what happened was a little more complicated. Nessus is composed of two parts: a client and a server. The server is in charge of the attacks, whereas the client is the front end, so that you can perform scans of your whole network from your local workstation. So there is a little more to setting it up than your typical application.
That is what this article covers. I'll show you how to get Nessus onto your machine as quickly and painlessly as possible, without having to spend hours fiddling with it or pulling out your hair due to the fact that you missed one little thing.
I began with a fresh installation of Red Hat 7.0. Make sure when you install that you select the custom option and choose the development load so that you'll have all the necessary libraries and compilers. Then follow these instructions step by step in order to get Nessus up and running.
1. Make sure /usr/local/bin is in your path. To check, at the command line, type:
    echo $PATH
If it is not in your path, add /usr/local/bin to the /etc/profile file. Remember: if you have to add this to your path, you have to log out and log back in for the change to take effect, or you can type:
    export PATH=$PATH:/usr/local/bin
2. Add /usr/local/lib to the /etc/ld.so.conf file. Then go to /sbin and type:
    ./ldconfig
3. Nessus uses Nmap for port scans, so you'll want to go to www.insecure.org, download the Nmap tarball, and untar it:
    tar -zxvf nmap-VERSION
    make
    su (to super user)
To make sure that it is properly installed, type nmap at the command line and you should get a list of options and flags. This shows you that it has been properly installed.
4. In your home directory, create a new sub-directory:
    mkdir Nessus
5. Download the Nessus tarballs into your new Nessus directory.
6. In the Nessus directory, you should have four tarballs. You absolutely must have all four for Nessus to work. You want to untar, configure, make, and make install in this order exactly.
    su (into superuser)
    tar -zxvf nessus-libraries-VERSION
    cd nessus-libraries
After you finish the make install of the libraries, you get a prompt to make sure that you have /usr/local/lib in the /etc/ld.so.conf file, and to type ldconfig. But since we already covered this in step two, all you need to do is go back to /sbin and run ./ldconfig again.
7. Go back to the Nessus directory, and just like in step six, untar, configure, make, and make install the other three downloaded files in this order.
    libnasl
8. At this time go back to /sbin and run ./ldconfig again.
9. Go to /usr/local/sbin and, as superuser, type: ./nessus-adduser
This runs a script that starts by generating some primes. Then you should see a prompt that asks you to add a user. You will get another prompt for Authentication method, cipher or plaintext. The default is cipher, so just hit Enter. It should then ask you if your user name is a local user. Type y and hit enter. It then tells you that it is treating your user name as a local user.
After this, the add-user program prompts you to add rules such as where you can or cannot scan. I leave this blank since I am the only one using my machine and I want to scan everything in my network. And since this is a quick start guide, we don't want to complicate things.
Then hit Ctrl - d, and the program will ask you if your selections are correct. If they are, type y and hit Enter.
Once more the program generates some primes. Now you will be asked for a passphrase and you will be prompted to repeat it twice more. Then you will get a confirmation that the user was added and you will be returned to a shell prompt.
10. To run Nessus, the Nessus daemon must be running. In /usr/local/sbin, type ./nessusd, which will start the daemon. (It will continue to run while you are using the scanner. When you finish using the scanner, kill it by typing Ctrl - c.) If you choose to have the daemon running in the background all the time, type ./nessusd -D and then you can close that terminal window without killing the process.
11. Return to your home directory as a normal user and not superuser. Type: nessus and the nessus program begins with a password prompt. Your login name should be the same user name that you entered in the nessus-adduser program.
Then click the login button and you are ready to go.
You then see different option tabs that you can click through: Nessusd host, Plugins, Preferences, Scan options, Target selection, User, and Credits. These options are generally preconfigured so that while you are getting acquainted with Nessus you don't have to worry about changing the settings. There is one exception: if you are planning to run a scan against your own local host where you have Nessus running, you must only use the Nmap TCP scan and disable the other five. According to the man pages, there is a bug that will prevent them from working properly.
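The prerequisites from steps 1, 2, 3, 9 and 10 can be checked in one pass before you start a scan. The script below is an added example, not part of the original article or the Nessus distribution; its function names are hypothetical, and the paths are the ones this guide uses.

```shell
#!/bin/sh
# Added example: preflight checks for steps 1, 2, 3, 9 and 10 of this guide.
# Function names are hypothetical; paths are the ones the article uses.

# path_has_dir PATH_STRING DIR: true only if DIR is an exact PATH component
path_has_dir() {
    case ":$1:" in
        *":$2:"*) return 0 ;;
        *) return 1 ;;
    esac
}

# in_path NAME PATH_STRING: true if an executable NAME exists in PATH_STRING
in_path() {
    old_ifs=$IFS; IFS=:
    for d in $2; do
        if [ -x "$d/$1" ]; then IFS=$old_ifs; return 0; fi
    done
    IFS=$old_ifs
    return 1
}

# ldconf_has_dir FILE DIR: true if DIR is listed on a line of its own
ldconf_has_dir() {
    [ -r "$1" ] || return 1
    sed -e 's/#.*//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' "$1" |
        grep -Fxq -- "$2"
}

# nessus_preflight PATH_STRING LDCONF_FILE SBIN_DIR
# Prints one line per missing prerequisite and returns how many were found.
nessus_preflight() {
    problems=0
    path_has_dir "$1" /usr/local/bin ||
        { echo "step 1: /usr/local/bin is not in PATH"; problems=$((problems + 1)); }
    ldconf_has_dir "$2" /usr/local/lib ||
        { echo "step 2: /usr/local/lib missing from $2"; problems=$((problems + 1)); }
    in_path nmap "$1" ||
        { echo "step 3: nmap not found in PATH"; problems=$((problems + 1)); }
    for bin in nessus-adduser nessusd; do
        [ -x "$3/$bin" ] ||
            { echo "steps 9-10: $3/$bin is missing"; problems=$((problems + 1)); }
    done
    return "$problems"
}

# Check the live system only when asked to: sh preflight.sh --check
if [ "${1:-}" = "--check" ]; then
    nessus_preflight "$PATH" /etc/ld.so.conf /usr/local/sbin
fi
```

The exact-component match in path_has_dir matters: a PATH entry such as /usr/local/bin2 does not satisfy step 1, and /usr/local/lib64 in ld.so.conf does not satisfy step 2.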
There you have it. A quick and easy step-by-step guide to getting Nessus up and running on your system. As I mentioned earlier, Nessus is extremely versatile and there are an infinite number of ways that it can be configured and utilized. In no way is this article a substitute for the man pages, README files or the online instructions found at the nessus.org site. I strongly encourage you to read all available documentation so that you'll have a better understanding of the scanner itself since such a powerful and diverse tool can be used just as easily to exploit systems as to secure them.
Paul Christensen currently works for Penguin Computing as a Linux Support Specialist. He is a regular contributor to "Best of Technical Support" in the Linux Journal and spends the rest of his free time working with Open Source security applications.