Difference between revisions of "Nessus"

From ArchWiki
Jump to: navigation, search
m (Installation)
m (Installation)
Line 5: Line 5:
  
 
#Download and extract the taurball:<br /><pre>$ wget https://aur.archlinux.org/packages/nessus/nessus.tar.gz</pre><pre>$ tar xvf nessus.tar.gz</pre>
 
#Download and extract the taurball:<br /><pre>$ wget https://aur.archlinux.org/packages/nessus/nessus.tar.gz</pre><pre>$ tar xvf nessus.tar.gz</pre>
#Download the rpm from http://www.nessus.org/download/nessus_download.php.<br />'''32-bit:''' Nessus-4.4.0-fc14.i386.rpm (12103 KB)<br />'''64-bit:''' Nessus-4.4.0-fc14.x86_64.rpm (12092 KB)
+
#Download the rpm from http://www.nessus.org/download/nessus_download.php.<br />   '''32-bit:''' Nessus-4.4.0-fc14.i386.rpm (12103 KB)<br />   '''64-bit:''' Nessus-4.4.0-fc14.x86_64.rpm (12092 KB)
 
#Move the rpm into in the nessus directory.<br /><pre>$ cd nessus</pre><pre>$ mv ~/download/Nessus-4.4.0-fc14.x86_64.rpm .</pre>
 
#Move the rpm into in the nessus directory.<br /><pre>$ cd nessus</pre><pre>$ mv ~/download/Nessus-4.4.0-fc14.x86_64.rpm .</pre>
 
#Then, make (and install) the package:<br /><pre>$ makepkg -csi</pre>
 
#Then, make (and install) the package:<br /><pre>$ makepkg -csi</pre>

Revision as of 06:45, 25 November 2010

Nessus is a powerful vulnerability scanner with over 40000 plugins, covering local and remote flaws.

Installation

  1. Download and extract the taurball:
    $ wget https://aur.archlinux.org/packages/nessus/nessus.tar.gz
    $ tar xvf nessus.tar.gz
  2. Download the rpm from http://www.nessus.org/download/nessus_download.php.
    32-bit: Nessus-4.4.0-fc14.i386.rpm (12103 KB)
    64-bit: Nessus-4.4.0-fc14.x86_64.rpm (12092 KB)
  3. Move the rpm into in the nessus directory.
    $ cd nessus
    $ mv ~/download/Nessus-4.4.0-fc14.x86_64.rpm .
  4. Then, make (and install) the package:
    $ makepkg -csi

Post-installation setup

  1. Create an SSL certificate for the Nessus web interface:
    # /opt/nessus/sbin/nessus-mkcert
  2. Register your email at http://nessus.org/register/ and wait for your key to be emailed to you. Then, download all the plugins from the feed with:
    # /opt/nessus/bin/nessus-fetch --register <your key here>
  3. Create a Nessus admin user (unrelated to *nix style users):
    # /opt/nessus/sbin/nessus-adduser

Usage

Start the daemon just like any other:

# /etc/rc.d/nessus start

Access the web interface at https://localhost:8834 and/or use the commandline interface (/opt/nessus/bin/nessuscmd).

Removal

The package can be removed with pacman, but files created by nessus (such as the plugin database it downloads) must be removed manually:

# rm -r /opt/nessus