Nessus is a very convenient security scanning tool, the advantages of this tool are many. Small and powerful, able to meet the security of the Enterprise scan.
Here we begin to install Nessus
Baidu Encyclopedia in the request to download the four necessary packages, in fact, completely unnecessary. At the very least, my experiment is like this.
To Nessus official website, according to your system, wget the corresponding installation package can be.
Step 1: Install the package, use the Rpm-ivh method to
Step 2: After the installation is complete, you will be prompted to http://www.nessus.org/register/for registration. and must register, because the corresponding plugin has not been installed. Of course, if you are the latest installation package, you must register as required, and then you will be prompted to do the latest plug-in installation. But in the end, the system will tell you that no plugins can be installed. Even so, you must register and scan for installation.
Step 3: To the official website to find the appropriate address for registration, the official website provides two aspects of registration, respectively, the company and the family. Company registration needs to pay, and for the family is free. The family's lifespan is 1.5, enough for us to use. After the registration, the official website will send a letter with the registration code to your mailbox, then we will register.
Step 4: Register/opt/nessus/bin/nessus-fetch--register after the space with your registration code on it, it will prompt you to register successfully or have been used
Step 5: Start the Services service NESSUSD start or/ETC/INIT.D/NESSUSD start
After startup, the system may be prompted a paragraph of English, probably means: Many plug-ins need to upgrade or missing, need to register to normal use, and then give the registration link. Registration of the way to fill out the mailbox, the system will send a mailbox to the mailbox specific operation method and a activation code. Then execute the/opt/nessus/bin/nessus-fetch--registe space followed by your registration number. It will then automatically start installing the latest plugins or something.
Step 6: Add the user/opt/nessus/sbin/nessus-adduser, you will be prompted to add the appropriate password, the password you set yourself.
Step 7: Finally, open the browser and enter https://ip:8834 8834 as the port number for the Nessus service. If you are not sure that the service is started after you start the service, you can ps-aux |grep NESSUSD to view
After you open the browser, enter your username and password to scan!
Ubuntu under Nessus installation use
Nessus Relatively speaking, is a very powerful security scanning audit tool, for hackers, is targeted at the target host vulnerabilities to find tools, available scanning plug-ins are updated every day, update the speed of first-class, by the vast number of security enthusiasts love.
Nessus Scanner is a C/s mode structure
But it's a little cumbersome to install.
@linuxidc $sudo apt-get Install NESSUSD
Install service side
@linuxidc $sudo apt-get Install Nessus
Install Client
@linuxidc: ~ $sudo nessus-adduser
Using/var/tmp as a temporary file holder
ADD a new NESSUSD user
----------------------
Login:n3tl04d
Authentication (Pass/cert) [Pass]: # Direct return, use password authentication
Login Password:
Login Password (again):
User rules
----------
NESSUSD has a rules system which allows you to restrict the hosts
That's n3tl04d has to test. For instance/may want
Him to is able to scan he own host only.
Please have a nessus-adduser (8) man page for the rules syntax
Enter the rules for this user, and hit ctrl-d once your are done:
(The user can have an empty rules set)
Login:n3tl04d
Password: ***********
Dn:
Rules:
Is that OK? (y/n) [Y] Y
User added.
Add user
@linuxidc: ~ $sudo nessusd-d
All plugins loaded
Start a service
@linuxidc: ~ $nessus
Open the client login and it's OK
install Nessus under Linux/centos
To the website download package, I am CentOS's system on the next RPM package, Ubuntu users on the next Deb package.
Machine is centos_x86_32, RPM-IVH nessus.rpm installation, if the installation process is missing the package and so on, the need for additional manual installation, such as my installation process prompts libssl.so.2 not installed, yum-y install Libssl.so.2 installation on the line.
Skip from the terminal to the Nessus installation directory, run Nessus-adduser, and follow the prompts to complete the operation.
Through the official website to obtain the registration code, the implementation Nessus-fetch register XXXX-XXXX-XXXX-XXXX
Because Nessus open port is 8834, and is based on HTTPS, so need to generate a certificate, execution Nessus-mkcert according to the prompts to complete, the installation is done here (I did not generate a certificate, resulting in 8834 ports can not monitor properly).
Start NESSUSD service, Sessus-fetch? security-center,nessus-service-d
NESSUS4 will default to the/ETC/INIT.D/NESSUSD file.
Netstat-an|grep 8834 is in the listening state.
https://ip:8834/access, initialization takes a while, as in the case of use, you need to create a rule first.