Detailed deployment of Nessus

Source: Internet
Author: User

1. Overview of Nessus

Nessus is considered to be the most widely used system vulnerability scanning and analysis software in the world. More than 75,000 organizations use Nessus to scan their computer systems.

* Provides a complete computer vulnerability scanning service and updates its vulnerability database at any time.

* Unlike traditional vulnerability scanning software, Nessus can be controlled from the local machine or from a remote one while it performs system vulnerability analysis and scanning.

* The operating efficiency can be adjusted based on system resources. If you give the host more resources (such as a faster CPU or more memory), scanning becomes more efficient.

* You can write your own plug-ins.

* NASL (Nessus Attack Scripting Language) is a language developed by Tenable and used to write security tests for Nessus.

* SSL (Secure Sockets Layer) is fully supported.

* It has been around for ten years since its development in 1998, so it is mature software.

Nessus uses a client/server architecture. The client provides a graphical interface running in X Window that receives user commands, communicates with the server, and sends the user's scan request to it. The server runs the scan and presents the scan result to the user. The scan code and the vulnerability data are independent of each other: Nessus has a corresponding plug-in for each vulnerability, and each vulnerability plug-in is a short piece of code, written in NASL (Nessus Attack Scripting Language), that simulates an attack on that vulnerability. This plug-in approach greatly simplifies maintaining and updating the vulnerability data. Nessus can scan any port for any service, and it generates detailed reports in the format specified by the user (ASCII text, HTML, etc.), including the target's vulnerabilities, how to fix them to prevent hacker intrusion, and their risk levels.



2. Nessus software usage demonstration


-- Watch Youku demonstration




3. Deployment of Nessus


1) Install the software

# rpm -ivh Nessus-4.4.1-es5.i386.rpm

# vim ~/.bash_profile

export PATH=/opt/nessus/sbin:/opt/nessus/bin:$PATH

export MANPATH=/opt/nessus/man:`manpath`

# source ~/.bash_profile


Layout of the Nessus installation:

# ll /opt/nessus/

drwxr-xr-x 2 root root 4096 Jan 8 bin -- commands used by ordinary users

drwxr-xr-x 3 root root 4096 Jan 8 com -- root certificate

drwxr-xr-x 3 root root 4096 Jan 8 etc -- configuration files

drwxr-xr-x 3 root root 4096 Jan 11 lib -- plug-ins used for scanning

drwxr-xr-x 4 root root 4096 Jan 8 00:47 man

drwxr-xr-x 2 root root 4096 Jan 8 sbin

drwxr-xr-x 3 root root 4096 Jan 8 var -- accounts/logs/reports/web pages




2) Start Nessus so that the web client can access it

# service nessusd start

# chkconfig nessusd on

# netstat -tnlp | grep nessus

tcp 0 0 0.0.0.0:8834 0.0.0.0:* LISTEN 13908/nessusd -- web access port

tcp 0 0 0.0.0.0:1241 0.0.0.0:* LISTEN 13908/nessusd -- port accessed by the Nessus client

tcp 0 0 :::1241 :::* LISTEN 13908/nessusd


3) Open a browser, go to https://localhost:8834, and perform the initial configuration.


Before opening the page, you must install the Flash plug-in on the client:

# rpm -ivh flash-plugin-10.3.183.11-release.i386.rpm -- restart the browser after installation


Apply for an activation code:

http://www.tenable.com/products/nessus/nessus-plugins/obtain-an-activation-code

Register Nessus

Wait for Agent updates


4) Operations in the Nessus web interface (scan yourself first, then scan other hosts):

   1) Create a scan policy (define the scan policy, scan the target host using an account and password, etc.)

   2) Scan the specified hosts (192.168.0.1, 192.168.0.0/24)

   3) View and export the report.

   4) Fix the vulnerabilities.
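
The netstat output in step 2 shows nessusd bound to 0.0.0.0 on both ports, so the scanner's web interface and client port are reachable from every network the host is attached to. The script below is an added example, not part of the original article: it parses `netstat -tnlp` output and reports how each nessusd listener is exposed. The function names, role labels and sample lines are this example's own, with the sample constructed from the output shown in step 2.

```shell
# Reads `netstat -tnlp` output on stdin and prints one line per nessusd
# listener: "<port> <role> <exposure>". Role labels are this example's own.
nessus_listeners() {
    awk '
    $6 == "LISTEN" && $NF ~ /\/nessusd$/ {
        port = $4; sub(/^.*:/, "", port)      # text after the last colon
        addr = $4; sub(/:[0-9]+$/, "", addr)  # ":::1241" leaves "::"
        if (port == "8834") role = "web-ui"
        else if (port == "1241") role = "nessus-client"
        else role = "other"
        if (addr == "0.0.0.0" || addr == "::") exposure = "all-interfaces"
        else if (addr == "127.0.0.1" || addr == "::1") exposure = "loopback"
        else exposure = "specific:" addr
        print port, role, exposure
    }'
}

# Prints the listener report and returns 1 if any nessusd port is bound to
# every interface, so the check can gate a deployment script or cron job.
nessus_exposure_check() {
    report=$(nessus_listeners)
    if [ -n "$report" ]; then printf '%s\n' "$report"; fi
    case "$report" in
        *all-interfaces*) return 1 ;;
    esac
    return 0
}

# Constructed sample mirroring the netstat output in step 2, plus one
# unrelated listener that must be ignored.
SAMPLE='tcp 0 0 0.0.0.0:8834 0.0.0.0:* LISTEN 13908/nessusd
tcp 0 0 0.0.0.0:1241 0.0.0.0:* LISTEN 13908/nessusd
tcp 0 0 :::1241 :::* LISTEN 13908/nessusd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1201/sshd'

# On a live host, replace the printf with: netstat -tnlp
printf '%s\n' "$SAMPLE" | nessus_exposure_check ||
    echo "nessusd listens on all interfaces; limit access with a host firewall"
```
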



This article is from the "O & M! Liberation!" blog; reprinting is declined.
