Nessus is a powerful security scanning and auditing tool.
A hacker is a tool used to search for vulnerabilities on the target host.
The available scanning plug-in is updated every day, and the update speed is superb.
It is favored by many security enthusiasts.
However, compared with cainiao, who just started out at the technical level, they only heard of their names and did not know how to install and use them.
The purpose of this article is to allow users who can understand Chinese characters to install and use it through simple language instructions.
The Nessus scanner is in the C/S mode structure.
The client can be installed on a Windows host, but the server does not support Windows hosts.
This is a headache for many cainiao
Since my computer does not have windows, I just talk about the installation process.
As for clients that can go to http://nessuswx.nessus.org/archive/nessuswx-1.4.4-install.exe
Download and install 1.4.4
For those who want to use it in windows, we recommend that you use VMware to build a * nix platform and install
Now, assume that you have Installed VMware and the * nix environment already exists in the virtual machine.
Open a terminal window (that is, the command line)
Enter
Wget ftp://ftp.ayamura.org/pub/nessus/nessus-2...us-installer.sh
This line of command means to use wget to download this nessus-installer.sh file to the current directory
Wget is an excellent tool for downloading text files.
First download the installation angular of the server, and then in the directory where the current file is located
Run
Chmod 711 nessus-installer.sh
Command to add executable properties to the file
Here I want to explain the specific meaning of chmod 711
Read this article to learn basic UNIX knowledge, even if you do not install Nessus.
Chmod is Unix. in Linux, the next command is used to set the corresponding permissions for the file.
The permission to use a file can be different from that of a user. They are user, group, and other,
Is it the file owner and the users in other systems in the group)
In each category, you can set whether they have read, write (w), and execute (x) permissions.
The file permission can be viewed through LS-L,
For example: ls-l nessus-installer.sh
-Rwx -- X 1 Root 3957124 May 28 04:14 nessus-installer.sh
Note that the file owner has the read and write permissions, and the group users and other users only have the executable permissions.
In the command chmod 711, the number 711 represents the permissions of the file owner, the group users, and other users.
Here, we can see the following number Conversion
Read: 4
Write: 2
Executable: 1
If you want to set the permissions for a category, you can express these numbers and add the sum.
For example, the above 7 indicates that the file owner has the read and write permissions, and the group users and other users have the executable permissions.
So many people should understand it.
In addition, setting commands for files is much simpler.
We just added the executable permission to this installation angular, and now we can execute it for installation.
However, many new users do not know how to run an executable file in * nix environment.
In fact, it is very easy to add a "./" in front, and then the file name will be followed
For example:./nessus-installer.sh
There is another way. We can see that the file suffix is. Sh, which is the shell corner.
You can run it with shell, we enter the sh nessus-installer.sh, you can also execute this file
Now we execute the installation angular sh nessus-installer.sh
The system displays the following:
Welcome to the Nessus installation script!
This script will install Nessus 2.0.10a (stable) on your system.
Please note that you will need root privileges at some point so that
The installation can complete.
Nessus is released under the version 2 of the GNU General Public License
(See http://www.gnu.org/licences/gpl.html for details ).
To get the latest version of Nessus, visit http://www.nessus.org
Press enter to continue
Welcome information, and it indicates that you want to install it with the root permission, and prompt to press enter to continue
Here, if you are already an administrator user, press enter to continue
Wait for a while.
Where do you want the whole Nessus package to be installed?
[/Usr/local]
Here is to let you set the installation path. In this case, we can directly use the default, just add a carriage return.
Of course, you can also install it elsewhere, such as input/opt/scan.
Press enter to continue.
Nessus is now ready to be installed on this host.
The installation process will first compile it then install it
Press enter to continue
The installation program prompts you to confirm the installation. If you do not want to install it, simply exit. If you confirm the installation, press enter to continue.
You have to execute the installer.
Click Enter here to continue
After the installation is complete, the following message will be displayed:
Congratulations! Nessus is now installed on this host
. Create a nessusd certificate using/usr/local/sbin/Nessus-mkcert
. Add a nessusd user use/usr/local/sbin/Nessus-adduser
. Start the Nessus daemon (nessusd) Use/usr/local/sbin/nessusd-d
. Start the Nessus client (Nessus) Use/usr/local/bin/Nessus
. To uninstall Nessus, use/usr/local/sbin/uninstall-NESSUS
. Remember to invoke 'nessus-Update-ins ins' periodically to update your
List of plugins
. A step by step demo of Nessus is available:
Http://www.nessus.org/demo/
Press enter to quit
The installation is successful. Press enter to exit.
The path to the executable file and after the program is installed, you can go to the http://www.nessus.org/demo/.
Watch official demos
After we press enter to complete the installation, we will start adding users.
Enter: Nessus-adduser, and press Enter.
/Usr/local/sbin/Nessus-adduser
Using/var/tmp as a temporary file holder
Add a new nessusd user
----------------------
Login:
Enter the user name here
Then authentication (Pass/CERT) [pass]:
If you are prompted to select the authentication method, press enter and use the default password for authentication. No certificate is required.
Then in the login password:
Enter the password and press Ctrl + D to save
Then we start the service with nessusd-D.
Case Sensitive
If the system prompts whether the certificate has been generated and the service fails to start, run Nessus-mkcert
Enter some information, generate the certificate, and then start nessusd-d
After the service is started, the main program will be executed in the command line.
Before that, we can also execute: Nessus-Update-plugins
To upgrade the scanning plug-in, and then start scanning
As for the Client installation and use, I do not have a platform installation test and cannot describe it in detail.
Let's take a closer look at it for two days!