Nessus is an incredible commercial-grade vulnerability scanner that is also freely available under the GNU General Public License (GPL). Nessus can use Nmap to further probe networks for holes, and it can selectively scan for over 675 (and growing) known security problems. The resulting reports are organized by host, categorized by severity, and can be exported in a variety of formats, including a very slick cross-linked HTML report with pie charts. Links to fixes for known security problems are included.
Installation
Get the required files from: http://rpm.pbone.net/
# rpm -ihv nessus-core-2.2.3-3.i586.rpm
# rpm -ihv nessus-libraries-2.2.3-3.i586.rpm
Initial Configuration
Create a certificate
# nessus-mkcert
If you do not know how to answer, just press enter.
Create a user
# nessus-adduser
Enable the service at boot, and start it
# chkconfig nessusd on
# /etc/init.d/nessusd start
Update plugins
To use up-to-date plugins, you need to register at http://www.nessus.org/register/
After registering your e-mail address, you will receive a message with an ID in the form XXXX-XXXX-XXXX-XXXX-XXXX. Register it and fetch the plugins like this:
# nessus-fetch --register XXXX-XXXX-XXXX-XXXX-XXXX
# nessus-update-plugins -v
Update automatically by crontab
# crontab -u root -e
Add the following line.
45 7 * * * /usr/sbin/nessus-update-plugins
Scanning
Start nessus
# nessus &
Log in to Nessus. Type your login name and password.
Go to the "Plugins" tab and select the plugins to use for the scan. For example, press the "Enable all" button.
Go to the "Target" tab and enter the targets. Type a host name, a host IP address, or a network such as "192.168.0.0/24".
Press "Start the scan" when you are ready, then wait a while.
You will see a report after a few moments. Take the results into consideration!
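The report is organized by host and categorized by severity, and the same triage can be scripted on an exported report. The following is an added example, not part of the original post: it assumes the report was saved in the pipe-delimited NBE format (results|subnet|host|port|plugin id|severity|description), and the sample lines, hosts and plugin IDs are constructed placeholders.

```python
from collections import defaultdict

# Severity labels as written in NBE result lines, most serious first.
SEVERITY_ORDER = ["Security Hole", "Security Warning", "Security Note"]

# Constructed sample export (not real scan data); hosts come from the
# 192.168.0.0/24 example range and plugin IDs are placeholders.
SAMPLE_NBE = """\
timestamps|||scan_start|Mon Jan 10 07:45:00 2005|
results|192.168.0|192.168.0.10|ssh (22/tcp)
results|192.168.0|192.168.0.10|ssh (22/tcp)|90001|Security Note|Constructed banner note.\\nRisk factor : Low
results|192.168.0|192.168.0.10|http (80/tcp)|90002|Security Hole|Constructed finding text.\\nSolution : Upgrade.
results|192.168.0|192.168.0.20|smtp (25/tcp)|90003|Security Warning|Constructed finding text.
results|192.168.0|192.168.0.20|http (80/tcp)|90002|Security Hole|Constructed finding text.
truncated|line
"""

def parse_nbe(text):
    """Yield one dict per finding; skip timestamp, open-port-only and malformed lines."""
    for line in text.splitlines():
        fields = line.split("|", 6)  # the description may itself contain '|'
        if len(fields) < 7 or fields[0] != "results":
            continue
        _, _, host, port, plugin_id, severity, desc = fields
        yield {"host": host, "port": port, "plugin_id": plugin_id,
               "severity": severity,
               "description": desc.replace("\\n", "\n")}  # unescape line breaks

def summarize(findings):
    """Return {host: {severity: [(port, plugin_id), ...]}}."""
    summary = defaultdict(lambda: defaultdict(list))
    for f in findings:
        summary[f["host"]][f["severity"]].append((f["port"], f["plugin_id"]))
    return {host: dict(sev) for host, sev in summary.items()}

def hosts_by_risk(summary):
    """Hosts sorted worst first: by number of holes, then warnings, then notes."""
    def key(host):
        counts = tuple(-len(summary[host].get(s, [])) for s in SEVERITY_ORDER)
        return (counts, host)
    return sorted(summary, key=key)

if __name__ == "__main__":
    report = summarize(parse_nbe(SAMPLE_NBE))
    for host in hosts_by_risk(report):
        print(host)
        for sev in SEVERITY_ORDER:
            for port, pid in report[host].get(sev, []):
                print(f"  {sev:<16} {port:<14} plugin {pid}")
```

Point parse_nbe at the contents of your own exported file to get the hosts that need attention first.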
2 comments:
Hi, I'm also trying to use Nessus for a network scan, but the check progress doesn't go far. It starts and then hangs. Can you tell what configuration we have to perform for a network scan?
Your help will be appreciated...
Nessus Remote Security Scanner, thanks for sharing such an informative article.
Download Nessus Remote Security Scanner