Difference between revisions of "Nessus"
m (→Installation: added Package AUR and Filename formatting; minor formatting changes) |
m (→Post-installation setup: update link) |
||
(9 intermediate revisions by 5 users not shown) | |||
Line 1: | Line 1: | ||
− | [[Wikipedia:Nessus (software)|Nessus]] is a proprietary [[Wikipedia:Vulnerability scanner|vulnerability scanner]] available free of charge for personal use. There are [http://www. | + | [[Category:Networking]] |
+ | [[Category:Security]] | ||
+ | |||
+ | [[Wikipedia:Nessus (software)|Nessus]] is a proprietary [[Wikipedia:Vulnerability scanner|vulnerability scanner]] available free of charge for personal use. There are [http://www.tenable.com/plugins/ over 40,000 plugins] covering a large range of both local and remote flaws. | ||
==Installation== | ==Installation== | ||
− | Download and extract | + | Download and extract the {{AUR|nessus}} tarball available in the [[AUR]]. |
− | |||
− | |||
− | Go to http://tenable.com/products/nessus/nessus-download-agreement, agree to the license and download the package: | + | Go to http://tenable.com/products/nessus/nessus-download-agreement, agree to the license, and download the package: |
− | *32-bit: Nessus- | + | *32-bit: Nessus-5.0.2-fc16.i386.rpm |
− | *64-bit: Nessus- | + | *64-bit: Nessus-5.0.2-fc16.x86_64.rpm |
− | Move the RPM file | + | Move the RPM file into the {{ic|nessus}} directory (i.e. the directory you extracted the tarball's contents to). |
− | |||
− | |||
− | Then, | + | Then, [[AUR#Installing_packages|build and install]] the package and any needed dependencies: |
− | + | $ makepkg -csi | |
==Post-installation setup== | ==Post-installation setup== | ||
Create an SSL certificate for the Nessus web interface: | Create an SSL certificate for the Nessus web interface: | ||
− | {{ | + | {{bc|# /opt/nessus/sbin/nessus-mkcert}} |
− | Register your email at http://nessus | + | Register your email at http://www.tenable.com/products/nessus/nessus-plugins/obtain-an-activation-code and wait for your key to be emailed to you. Then, download all the plugins from the feed with: |
− | {{ | + | {{bc|# /opt/nessus/bin/nessus-fetch --register <your key here>}} |
− | Create a Nessus admin user (unrelated to | + | {{Note|If you are behind a proxy, you need to modify {{ic|/opt/nessus/etc/nessus/nessus-fetch.rc}}.}} |
− | {{ | + | |
+ | Create a Nessus admin user (unrelated to Unix-style users): | ||
+ | {{bc|# /opt/nessus/sbin/nessus-adduser}} | ||
==Usage== | ==Usage== | ||
− | |||
− | |||
− | + | The {{aur|nessus}} package provides a {{ic|nessusd.service}} unit file, see [[systemd]] for details. | |
− | Access the web interface at https://localhost:8834 and/or use the commandline interface ({{ | + | Access the web interface at https://localhost:8834 and/or use the commandline interface ({{ic|/opt/nessus/bin/nessuscmd}}). In most browsers, you will need to manually accept the SSL certificate you created for the server. |
==Removal== | ==Removal== | ||
− | The package can be removed with pacman, but files created by | + | The package can be removed with pacman, but files created by Nessus, such as the plugin database it downloads, must be removed manually: |
− | {{Note|This will delete your | + | {{Note|This will delete your Nessus configuration files.}} |
− | {{ | + | {{bc|# rm -r /opt/nessus}} |
− | |||
− | |||
− |
Revision as of 19:23, 14 November 2012
Nessus is a proprietary vulnerability scanner available free of charge for personal use. There are over 40,000 plugins covering a large range of both local and remote flaws.
Installation
Download and extract the nessusAUR tarball available in the AUR.
Go to http://tenable.com/products/nessus/nessus-download-agreement, agree to the license, and download the package:
- 32-bit: Nessus-5.0.2-fc16.i386.rpm
- 64-bit: Nessus-5.0.2-fc16.x86_64.rpm
Move the RPM file into the nessus
directory (i.e. the directory you extracted the tarball's contents to).
Then, build and install the package and any needed dependencies:
$ makepkg -csi
Post-installation setup
Create an SSL certificate for the Nessus web interface:
# /opt/nessus/sbin/nessus-mkcert
Register your email at http://www.tenable.com/products/nessus/nessus-plugins/obtain-an-activation-code and wait for your key to be emailed to you. Then, download all the plugins from the feed with:
# /opt/nessus/bin/nessus-fetch --register <your key here>
/opt/nessus/etc/nessus/nessus-fetch.rc
.Create a Nessus admin user (unrelated to Unix-style users):
# /opt/nessus/sbin/nessus-adduser
Usage
The nessusAUR package provides a nessusd.service
unit file, see systemd for details.
Access the web interface at https://localhost:8834 and/or use the commandline interface (/opt/nessus/bin/nessuscmd
). In most browsers, you will need to manually accept the SSL certificate you created for the server.
Removal
The package can be removed with pacman, but files created by Nessus, such as the plugin database it downloads, must be removed manually:
# rm -r /opt/nessus