Installing and configuring Nessus

This tip, courtesy of SearchSecurity.com, gets value-added resellers (VARs) and consultants started with installing and configuring Nessus, and paves the way for channel professionals to run Nessus scans, and deploy the tool as part of a complete vulnerability scanning program.

If you've been around the information security profession for any length of time, you probably have at least a passing familiarity with the Nessus vulnerability scanner. In this, the first of a series Nessus tips, we'll provide you with an introduction to this popular security tool and give you the information you need to install and configure your own Nessus deployment.

Nessus is a member of the family of security tools known as vulnerability scanners. As the name implies, these products scan the network for potential security risks and provide detailed reporting that enables you to remediate gaps in your security posture. These scans run using a client/server architecture, so let's discuss both pieces of that architecture.

The scan engine is available for Linux/Unix systems only (sorry Microsoft fans!). Installation is actually quite simple. If you have the Lynx HTTP browser on your system, simply run the command:

prompt$ lynx –source http://install.nessus.org | sh

This command downloads the Nessus installation script and executes it on your system. Note that the "prompt$" prompt indicates that you should run this command from a normal user account and not with root privileges. If you'd like, you may review the script before executing it on your system. Alternatively, you may build and compile Nessus manually by downloading the source code and compiling it.

Once you've completed the installatio...

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Open Source Security Tools Using SnortSP and Snort 2.8.2 OSSEC Host-Based Intrusion Detection Guide How to find new features in Snort 2.8.2 How to use shared object rules in Snort Snort frequently asked questions How to test Snort How to run IDS Snort on Red Hat Enterprise Linux 5 Working with Snort's unified output Output options for Snort data Snort IDS installation basics and tips for security resellers Platform Security Channel Checklist: Windows Vista security An introduction to penetration testing and its legal implications for VARs and consultants Penetration testing reconnaissance -- Footprinting, scanning and enumerating Network penetration testing: Ethical hacking tools and techniques Penetration testing -- Securing wireless access points Penetration testing -- Big bad bugs Penetration testing -- Social engineering, IDS and honey pots Windows security administration using command-line tools Windows Vista BitLocker basics and advanced techniques Microsoft Windows Vista firewall enhancements

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

n, you need to complete three steps to get up and running:

1. Start the Nessus scan server by running the command "nessusd&"
2. Add a Nessus user to your system by executing "nessus –adduser"
3. Start the Nessus client and explore away!

If you'd like to run the Nessus client on a system other than the one you installed the server on, you're free to do so. You may download the NessusClient GUI for Unix systems or the NessusWX client for Windows systems from the Nessus download page. Once you've installed your client, simply point it at the IP address of your Nessus server and connect using the username and password you created in step two above.

The Nessus project began as an open-source community project more than seven years ago. While the basic Unix/Linux scanner is still freely available, many elements of the Nessus line are going commercial. Tenable Security, the current custodians of Nessus, also produce NeWT, a Windows version that uses the wizard-based installation and GUI familiar to Windows users. A free version (limited to scanning hosts on the same Class C subnet as the scanning system) is available for download from Tenable.

One last word of wisdom: the Nessus plug-ins (the scripts that provide the scanning functionality of Nessus) change frequently. Be sure to update your plug-ins from the official site on a regular basis using the "nessus-update-plugins" command on the Nessus server.

Our next tip will explore using Nessus to conduct vulnerability scans, and we'll wrap up the series with a look at deploying Nessus as part of an enterprise vulnerability scanning program.

[IMAGE]
[IMAGE]NESSUS TUTORIAL
[IMAGE]
[IMAGE]  Introduction
[IMAGE]  Installing and configuring Nessus
[IMAGE]  Running a system scan
[IMAGE]  Building an enterprise scanning program
[IMAGE]  Managing Nessus reports
[IMAGE]  Simplifying Nessus security scans
[IMAGE]  Using Nessus with the SANS Top 20 report

Read more on how to prevent wireless attacks and ensure wireless network security.

About the author
Mike Chapple, CISSP is an IT Security Professional with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Mike is a frequent contributor to SearchSecurity, a technical editor for Information Security magazine and the author of several information security titles including the CISSP Prep Guide and Information Security Illuminated.

This tip originally appeared on SearchSecurity.com.

Rate this Tip To rate tips, you must be a member of SearchSecurityChannel.com. Register now to start rating these tips. Log in if you are already a member. DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.