Unifix knowledge database - The original one

Dashboard - News - Search - List - About - Admin


Installing nessus

Author:mike - Sat Jul 10 02:03:49 2004

# lynx -source http://install.nessus.org | sh

--------------------------------------------------------------------------------
                             NESSUS INSTALLATION SCRIPT      
--------------------------------------------------------------------------------



This script will retrieve the latest version of Nessus via CVS, and 
will compile and install it on your system.

To run this script, you must know the root password of this host 
and you need to be able to establish outgoing connections to port 
2401/tcp or 80/tcp (through a proxy or directly)


Press a key to continue  <ENTER>


--------------------------------------------------------------------------------
                     Nessus installation : installation location
--------------------------------------------------------------------------------


Where do you want the whole Nessus package to be installed ? 
[/usr/local] <ENTER>

--------------------------------------------------------------------------------
                     Nessus installation : branch selection
--------------------------------------------------------------------------------


Nessus is currently made up of two branches: 
- the STABLE branch is Nessus 2.0.x. It is now considered as being 
bug-free.

- the DEVEL branch is Nessus 2.1x. It is considered as a being in 
developement, and therefore may prove to be unstable.

Which branch do you wish to install (STABLE or DEVEL) ?
[STABLE] <ENTER>

--------------------------------------------------------------------------------
                     Nessus installation : download method
--------------------------------------------------------------------------------

There are two ways to download Nessus :
  . From cvs, the download will be slower but you'll have the latest version
  . From www, the download will be faster, but you may not get the nightly
    changes. However, www is updated every 24 hours

Which download method do you want ? (cvs or www) [www] <ENTER>

 
--------------------------------------------------------------------------------
                     Nessus installation : final step
--------------------------------------------------------------------------------


Nessus will now be installed on this host. The packages will first be
downloaded from nessus.org, then they will be compiled and installed


Press a key to continue <ENTER>

Are you behind a web proxy ? [y/n] n  <ENTER>

 - Now it downloads and install the software


--------------------------------------------------------------------------------
                     Nessus installation : Finished
--------------------------------------------------------------------------------


Nessus is now installed on this host
. Create a certificate for nessusd using /usr/local/sbin/nessus-mkcert
. Add a user by typing /usr/local/sbin/nessus-adduser
. Then start nessusd by typing /usr/local/sbin/nessusd -D

. Remember to invoke 'nessus-update-plugins' periodically to update your plugins


Press a key to quit  <ENTER>


Then run : /usr/local/sbin/nessus-mkcert

-------------------------------------------------------------------------------
                        Creation of the Nessus SSL Certificate
-------------------------------------------------------------------------------

This script will now ask you the relevant information to create the SSL
certificate of Nessus. Note that this information will *NOT* be sent to
anybody (everything stays local), but anyone with the ability to connect to your
Nessus daemon will be able to retrieve this information.


CA certificate life time in days [1460]: 
Server certificate life time in days [365]: 
Your country (two letter code) [FR]: DK 
Your state or province name [none]: Denmark
Your location (e.g. town) [Paris]: Stoholm
Your organization [Nessus Users United]: Unifix Security


-------------------------------------------------------------------------------
                        Creation of the Nessus SSL Certificate
-------------------------------------------------------------------------------

Congratulations. Your server certificate was properly created.

/usr/local/etc/nessus/nessusd.conf updated
 
The following files were created : 

. Certification authority : 
   Certificate = /usr/local/com/nessus/CA/cacert.pem
   Private key = /usr/local/var/nessus/CA/cakey.pem

. Nessus Server : 
    Certificate = /usr/local/com/nessus/CA/servercert.pem
    Private key = /usr/local/var/nessus/CA/serverkey.pem

Press [ENTER] to exit


   - Create as many users as needed!

localhost root # /usr/local/sbin/nessus-adduser 
Using /var/tmp as a temporary file holder

Add a new nessusd user
----------------------


Login : mike
Authentication (pass/cert) [pass] : <enter>
Login password :  <password> 
Login password (again) :   <password>

User rules
----------
nessusd has a rules system which allows you to restrict the hosts
that mike has the right to test. For instance, you may want
him to be able to scan his own host only.

Please see the nessus-adduser(8) man page for the rules syntax

Enter the rules for this user, and hit ctrl-D once you are done : 
(the user can have an empty rules set)
<CTRL-D>

Login             : mike
Password          : ********
DN                : 
Rules             : 


Is that ok ? (y/n) [y] y
user added.

Finally start the deamon:
localhost root # /usr/local/sbin/nessusd -D

And then run nessus from some host and connect it up to the deamon!
Copyright(c) Unifix.org 2002-2011


Dashboard - News - Search - List - About - Admin
 
Powered by Mikjaer Consulting Solutions - Hosted by Specialhosting.dk