Difference between revisions of "Nessus"

From ArchWiki
Jump to: navigation, search
m (Installation: added Package AUR and Filename formatting; minor formatting changes)
(update templates, see Help:Style)
Line 2: Line 2:
  
 
==Installation==
 
==Installation==
Download and extract the source tarball from the {{Package AUR|nessus}} page on the [[AUR]]:
+
Download and extract the source tarball from the {{AUR|nessus}} page on the [[AUR]]:
{{Cli|$ wget https://aur.archlinux.org/packages/nessus/nessus.tar.gz
+
{{bc|$ wget https://aur.archlinux.org/packages/nessus/nessus.tar.gz
 
$ tar xvf nessus.tar.gz}}
 
$ tar xvf nessus.tar.gz}}
  
Line 10: Line 10:
 
*64-bit: Nessus-4.4.1-fc14.x86_64.rpm (12092 KB)
 
*64-bit: Nessus-4.4.1-fc14.x86_64.rpm (12092 KB)
  
Move the RPM file into into the {{Filename|nessus}} directory:
+
Move the RPM file into into the {{ic|nessus}} directory:
{{Cli|$ cd nessus
+
{{bc|$ cd nessus
 
$ mv ~/Downloads/Nessus-4.4.1-fc14.x86_64.rpm .}}
 
$ mv ~/Downloads/Nessus-4.4.1-fc14.x86_64.rpm .}}
  
 
Then, make (and install) the package and any needed dependencies:
 
Then, make (and install) the package and any needed dependencies:
{{Cli|$ makepkg -csi}}
+
{{bc|$ makepkg -csi}}
  
 
==Post-installation setup==
 
==Post-installation setup==
 
Create an SSL certificate for the Nessus web interface:
 
Create an SSL certificate for the Nessus web interface:
{{Cli|# /opt/nessus/sbin/nessus-mkcert}}
+
{{bc|# /opt/nessus/sbin/nessus-mkcert}}
  
 
Register your email at http://nessus.org/register/ and wait for your key to be emailed to you. Then, download all the plugins from the feed with:
 
Register your email at http://nessus.org/register/ and wait for your key to be emailed to you. Then, download all the plugins from the feed with:
{{Cli|# /opt/nessus/bin/nessus-fetch --register <your key here>}}
+
{{bc|# /opt/nessus/bin/nessus-fetch --register <your key here>}}
  
 
Create a Nessus admin user (unrelated to *nix style users):
 
Create a Nessus admin user (unrelated to *nix style users):
{{Cli|# /opt/nessus/sbin/nessus-adduser}}
+
{{bc|# /opt/nessus/sbin/nessus-adduser}}
  
 
==Usage==
 
==Usage==
 
Start the [[daemon]]:
 
Start the [[daemon]]:
{{Cli|# rc.d start nessusd}}
+
{{bc|# rc.d start nessusd}}
  
You probably do not want to add it to the {{Codeline|DAEMONS}} array in {{Filename|/etc/rc.conf}}.
+
You probably do not want to add it to the {{ic|DAEMONS}} array in {{ic|/etc/rc.conf}}.
  
Access the web interface at https://localhost:8834 and/or use the commandline interface ({{Codeline|/opt/nessus/bin/nessuscmd}}). In most browsers, you will need to manually accept the SSL certificate you created for the server.
+
Access the web interface at https://localhost:8834 and/or use the commandline interface ({{ic|/opt/nessus/bin/nessuscmd}}). In most browsers, you will need to manually accept the SSL certificate you created for the server.
  
 
==Removal==
 
==Removal==
 
The package can be removed with pacman, but files created by nessus (such as the plugin database it downloads) must be removed manually:
 
The package can be removed with pacman, but files created by nessus (such as the plugin database it downloads) must be removed manually:
 
{{Note|This will delete your nessus configuration files.}}
 
{{Note|This will delete your nessus configuration files.}}
{{Cli|# rm -r /opt/nessus}}
+
{{bc|# rm -r /opt/nessus}}
  
 
[[Category:Networking (English)]]
 
[[Category:Networking (English)]]
 
[[Category:Security (English)]]
 
[[Category:Security (English)]]

Revision as of 16:08, 18 December 2011

Nessus is a proprietary vulnerability scanner available free of charge for personal use. There are over 40000 plugins covering a large range of both local and remote flaws.

Installation

Download and extract the source tarball from the nessusAUR page on the AUR:

$ wget https://aur.archlinux.org/packages/nessus/nessus.tar.gz
$ tar xvf nessus.tar.gz

Go to http://tenable.com/products/nessus/nessus-download-agreement, agree to the license and download the package:

  • 32-bit: Nessus-4.4.1-fc14.i386.rpm (12103 KB)
  • 64-bit: Nessus-4.4.1-fc14.x86_64.rpm (12092 KB)

Move the RPM file into into the nessus directory:

$ cd nessus
$ mv ~/Downloads/Nessus-4.4.1-fc14.x86_64.rpm .

Then, make (and install) the package and any needed dependencies:

$ makepkg -csi

Post-installation setup

Create an SSL certificate for the Nessus web interface:

# /opt/nessus/sbin/nessus-mkcert

Register your email at http://nessus.org/register/ and wait for your key to be emailed to you. Then, download all the plugins from the feed with:

# /opt/nessus/bin/nessus-fetch --register <your key here>

Create a Nessus admin user (unrelated to *nix style users):

# /opt/nessus/sbin/nessus-adduser

Usage

Start the daemon:

# rc.d start nessusd

You probably do not want to add it to the DAEMONS array in /etc/rc.conf.

Access the web interface at https://localhost:8834 and/or use the commandline interface (/opt/nessus/bin/nessuscmd). In most browsers, you will need to manually accept the SSL certificate you created for the server.

Removal

The package can be removed with pacman, but files created by nessus (such as the plugin database it downloads) must be removed manually:

Note: This will delete your nessus configuration files.
# rm -r /opt/nessus