Howto:Install Nessus
From Offensive-security.com
Contents |
Install Nessus 3.0.6
NOTICE some minor problems might still be present, I will address these after a second install and refine this further
Download Files
- Nessus-3.0.6-fc5.i386.rpm
http://www.nessus.org/download/index.php?product=nessus3-linux I accept Register with a REAL email address. Submit Locate Nessus-3.0.6-fc5.i386.rpm and download
Download NessusClient-1.0.2 & nessus-libraries-2.2.10
curl -O http://www.nessus.org/download/fget.php?file=NessusClient-1.0.2.tar.gz&licence_accept=yes curl -O http://www.nessus.org/download/fget.php?file=nessus-libraries-2.2.10.tar.gz&licence_accept=yes
Convert Nessus 3.0.6
rpm2tgz Nessus-3.0.6-fc5.i386.rpm gzip -d Nessus-3.0.6-fc5.i386.tgz tar -xvf Nessus-3.0.6-fc5.i386.tar
Install NessusClient 1.0.2
tar -xvf NessusClient-1.0.2.tar.gz cd NessusClient-1.0.2/ ./configure make && make install cd
- Note : Message - NessusClient has been successfully installed.
Install Nessus libraries
gzip -d nessus-libraries-2.2.10.tar.gz tar -xvf nessus-libraries-2.2.10.tar cd nessus-libraries ./configure && make && make install
Move Nessus to the correct location
If you haven't un-rpm'd, un-tar'd the nessus rpm in the opt directory, move it there now:
mv opt/nessus /opt/
Copy Nessus lib
cp /opt/nessus/lib/* /lib
Configure Nessus
export PATH=$PATH:/opt/nessus/sbin:/opt/nessus/bin: cp /usr/lib/libssl.so /lib cp /usr/lib/libcrypto.so /lib cd /lib /opt/nessus/sbin/nessus-mkcert
- Note : This command produces an error message that some version of libcrypto.so.X is required – Replace X with proper #
ln libssl.so libssl.so.X ln libcrypto.so libcrypto.so.X
Create certificate and user
cd /opt/nessus/sbin nessus-mkcert: <enter through> nessus-adduser Login : your user Authentication (pass/cert) [pass] : pass Login password : your password Login password (again) : confirm your password
- Note : Enter the rules for this user. Hit ctrl-D
ctrl-D Is that ok ? (y/n) [y] y
Update plugins
- Note : If you registered with a VALID email when you downloaded Nessus-3.0.6-fc5.i386.rpm then check your email for this activation code. Otherwise go to Nessus.org - REGISTER.
cd /opt/nessus/etc/nessus/ nessus-fetch --register XXX-YYY-ZZZ-VVV
- Note : older method
Install Nessus-2.2.10
Go to http://www.nessus.org/download/
Select: Nessus 2.2.10 source code
--Download to /root
libnasl-2.2.10.tar.gz
nessus-core-2.2.10.tar.gz
nessus-libraries-2.2.10.tar.gz
nessus-plugins-2.2.10.tar.gz
--run
tar -zxvf libnasl-2.2.10.tar.gz
tar -zxvf nessus-core-2.2.10.tar.gz
tar -zxvf nessus-libraries-2.2.10.tar.gz
tar -zxvf nessus-plugins-2.2.10.tar.gz
--Installing Nessus
--Note: do commands in order as shown
cd nessus-libraries/
./configure
make
make install
cd ../libnasl
./configure
make
make install
Note: If you do not want to use GTK (or your system lacks X11 for instance)use this:
./configure --disable-gtk when compiling nessus-core
cd ../nessus-core
./configure
make
make install
cd ../nessus-plugins
./configure
make
make install
-- Note: add /user/local/bin and /user/local/sbin to /etc/ld.so.conf
nano /etc/ld.so.conf
ldconfig
--You must register your email to receive the activation code
nessus-fetch --register <your activation code>
--Add a nessusd user
nessus-adduser
--Create SSL Cert
nessus-mkcert
--Start nessusd
nessusd -D
You can also remove the untared packages with:
rm -d -f -r <directory>
To remove the tar.gz files: rm *.gz
-Brought to you by The Company and Remote Exploit
Installation Using nessus-installer-2.2.9.sh script
Step 1: Download needed Packages (save to /tmp)
a) sharutils-4.2.1-9.i386.rpm (ftp://fr2.rpmfind.net/linux/ASPLinux/i386/RPMS.7.3/sharutils-4.2.1-9.i386.rpm)
b) nessus-installer-2.2.9.sh (http://www.nessus.org/download/)
When at the Nessus site, register your nessus to get e-mailed an activation code which is needed later.
also worth downloading are:
c) nessus 3.0 Advanced User Guide
d) nessus 3.0 Client User Guide
Step 2: Installing sharutils-4.2.1-9
Convert the rpm package to tgz with the following commands:
#cd /tmp #rpm2tgz sharutils-4.2.1-9.i386.rpm #installpkg sharutils-4.2.1-9.i386.tgz
Step 3: Running the nessus-installer
#su #sh nessus-installer-2.2.9.sh The NESSUS INSTALLATION SCRIPT will now be showing. Press enter to continue installation. At the [/usr/local] on the installation location, press enter. On the Ready to install page, press enter. At the Activation code : (enter the activation code which was e-mailed to you earlier) On the Registration page press enter to continue. On the Finished page press enter to quit.
Step 4: Creating a nessusd certificate:
#cd /root #su #/usr/local/sbin/nessus-mkcert At the CA certificate life time in days [1460]: (press enter to accept default) At the Server certificate life time in days [365]: (press enter to accept default) At the Your country : (enter uk then press enter) At the Your state or province name: (just press enter) At the Your location: (just press enter again) At the Your organization: (press enter) Press enter to exit.
Step 5: Add a nessus user:
#/usr/local/sbin/nessus-adduser Login: root Authentication (pass/cert) [pass]: pass Login password: toor Login password (again): toor The following msg appears: "Enter the rules for this user, and then hit ctrl-D once you are done: (the user can have an empty rules set)" (press Ctrl-D) Is that ok? (y/n) [y] y
Step 6: Update Nessus Plugins
#/usr/local/sbin/nessus-update-plugins
Step 7: Run Nessus
#nessusd -D #nessus
Note:
Remember to invoke (#/usr/local/sbin/nessus-update-plugins) periodically to update your plugins.
