
How to set up and run Nessus 2.2.9 from the Linux shell

A) Installing Nessus Server

1) Download Nessus from http://www.nessus.org/download/ using the lynx browser
2) sh nessus-installer-2.2.9.sh
3) yum install sharutils
4) yum install flex
5) yum install bison
6) Register the Nessus server after installation using nessus-mkcert to receive plugins
/usr/local/sbin/nessus-mkcert
7) Add a nessus user using nessus-adduser
/usr/local/sbin/nessus-adduser
8) Run nessus-update-plugins to update the plugins
9) Set up a cron job to update plugins every night
crontab -e
0 0 * * * /usr/local/sbin/nessus-update-plugins
10) Run the nessus server as a daemon using the command
/usr/local/sbin/nessusd -D

B) Running the Nessus client from the Linux shell

1) cd /root
mkdir nessus
vi /root/nessus/target
# Enter the target servers/IPs to scan, separated by commas
2) Run the nessus client for the first time using the following command
/usr/local/bin/nessus -T html -qxV serverip 1241 username pass /root/nessus/target /root/nessus/results.html

# Warning: The following section is known to have some issues. You can ignore this for the time being.
3) cp -a /root/.nessusrc /root/nessus/.nessusrc
cd /root/nessus
Go to http://www.tifaware.com/code/update-nessusrc/update-nessusrc
vi update-nessusrc
Copy and paste the script from that page into this file
Edit the file as required.

Execute the following

/usr/local/sbin/nessus-update-plugins

perl /root/nessus/update-nessusrc /root/nessus/.nessusrc

Verify the newly created .nessusrc and make changes if required.

Run the following command subsequently to scan a target

/usr/local/bin/nessus -c /root/nessus/.nessusrc -T html -qx localhost 1241 username pass /root/nessus/target /root/nessus/results.html

To enable all plugins, including ones which can crash a remote host, do the following

a)
vi /usr/local/etc/nessus/nessusd.conf
Replace yes with no on the line safe_checks

b)
Run the following command

/usr/local/sbin/nessus-update-plugins

c)
perl /root/nessus/update-nessusrc -c "attack,infos,mixed,scanner,settings,denial,destructive_attack,kill_host" /root/nessus/.nessusrc

d) vi /root/nessus/.nessusrc

Search for the line safe_checks and replace yes with no


Search for the line
begin(PLUGIN_SET)
Replace no with yes after every plugin id where you find a no

Verify the newly created .nessusrc and make changes if required.

Run the following command subsequently to scan a target


/usr/local/bin/nessus -c /root/nessus/.nessusrc -T html -qx localhost 1241 username pass /root/nessus/target /root/nessus/results.html
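
A check to run on a .nessusrc before using it for a scan, as an added example that is not part of the original how-to: it reports the safe_checks value and the enabled/disabled plugin counts, so a config edited as in steps a) to d) is not pointed at a production host by accident. The function names are hypothetical, and the file layout ("key = value" lines, plugin ids as "<id> = yes|no" between begin(PLUGIN_SET) and end(PLUGIN_SET)) is an assumption based on the lines this page mentions.

```shell
#!/bin/sh
# Added example: pre-scan check of a Nessus 2.x client config (.nessusrc).
# Assumed layout: "key = value" lines; plugin ids as "<id> = yes|no" between
# begin(PLUGIN_SET) and end(PLUGIN_SET). Function names are hypothetical.

# Constructed sample config (plugin ids are made up).
write_sample() {
    cat > "$1" <<'EOF'
begin(SERVER_PREFS)
 safe_checks = no
end(SERVER_PREFS)
begin(PLUGIN_SET)
 10001 = yes
 10002 = no
 10003 = yes
end(PLUGIN_SET)
EOF
}

# Print the safe_checks value: "yes", "no", or "unset".
safe_checks_value() {
    awk -F'=' '
        $1 ~ /^[ \t]*safe_checks[ \t]*$/ { gsub(/[ \t\r]/, "", $2); v = $2 }
        END { print (v == "" ? "unset" : v) }' "$1"
}

# Print "<enabled> <disabled>" plugin counts from the PLUGIN_SET section.
plugin_counts() {
    awk -F'=' '
        /^[ \t]*begin\(PLUGIN_SET\)/ { in_set = 1; next }
        /^[ \t]*end\(PLUGIN_SET\)/   { in_set = 0 }
        in_set && NF == 2 {
            gsub(/[ \t\r]/, "", $2)
            if ($2 == "yes") on++; else if ($2 == "no") off++
        }
        END { print on + 0, off + 0 }' "$1"
}

# Summarise the config; succeed only when safe_checks is "yes".
check_nessusrc() {
    sc=$(safe_checks_value "$1")
    echo "safe_checks=$sc enabled/disabled plugins: $(plugin_counts "$1")"
    [ "$sc" = "yes" ]
}

tmp=$(mktemp) && write_sample "$tmp"
check_nessusrc "$tmp" || echo "safe_checks is off: keep this config away from production targets"
rm -f "$tmp"
```

Against a real file, call check_nessusrc /root/nessus/.nessusrc and run the scan only if it succeeds.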

C) Running the Nessus Client from Windows

Download and install the NessusWX client from http://nessuswx.nessus.org/
