VulnScan

Un article de Backtrack-fr.

[modifier] Installer Nessus avec le script nessus-installer-2.2.9.sh

Etape 1: Télécharger les paquets nécéssaires (enregistrer dans /tmp)

a) sharutils-4.2.1-9.i386.rpm (ftp://fr2.rpmfind.net/linux/ASPLinux/i386/RPMS.7.3/sharutils-4.2.1-9.i386.rpm)
b) nessus-installer-2.2.9.sh (http://www.nessus.org/download/)

Sur le site de Nessus, enregistrer votre nessus afin d'obtenir par mail un code d'activation qui sera utile plus tard.

D'autres téléchargement utiles...

c) nessus 3.0 Advanced User Guide
d) nessus 3.0 Client User Guide

Etape 2: Installer sharutils-4.2.1-9
Convertir le paquet rpm en tgz avec les commandes suivantes:

 #cd /tmp
 #rpm2tgz sharutils-4.2.1-9.i386.rpm
 #installpkg sharutils-4.2.1-9.i386.tgz

Etape 3: Lancer le nessus-installer

 #su
 #sh nessus-installer-2.2.9.sh

The NESSUS INSTALLATION SCRIPT will now be showing.
Press enter to continue installation.
At the [/usr/local] on the installation location, press enter.
On the Ready to install page, press enter.
At the Activation code : (enter the activation code which was e-mailed to you earlier)
On the Registration page press enter to continue.
On the Finished page press enter to quit.

Etape 4: Créer un certificat nessusd :

 #cd /root
 #su
 #/usr/local/sbin/nessus-mkcert

At the CA certificate life time in days [1460]: (press enter to accept default)
At the Server certificate life time in days [365]: (press enter to accept default)
At the Your country : (enter uk then press enter)
At the Your state or province name: (just press enter)
At the Your location: (just press enter again)
At the Your organization: (press enter)
Press enter to exit.

Etape 5: ajouter un utilisateur nessus:

 #/usr/local/sbin/nessus-adduser

Login: root
Authentication (pass/cert) [pass]: pass
Login password: toor
Login password (again): toor
The following msg appears:
  "Enter the rules for this user, and then hit ctrl-D once you are done:
  (the user can have an empty rules set)" (press Ctrl-D)
Is that ok? (y/n) [y] y 

Etape 6: Mettre à jour les Plugins Nessus

 #/usr/local/sbin/nessus-update-plugins 

Etape 7: Lancer Nessus

 #nessusd -D
 #nessus

Note:
Invoquer (#/usr/local/sbin/nessus-update-plugins) régulièrement pour mettre à jour vos plugins.

• Installation de nessus 3.2 dans backtrack 3 beta

[modifier] Référence

• (en) Site officiel de Nessus