Difference between revisions of "Nessus"

From ArchWiki
(The user is no longer required to download the Nessus rpm, thanks to a script included in the PKGBUILD. The information in the wiki became outdated and has been updated accordingly.)
 
(21 intermediate revisions by 12 users not shown)
Line 1: Line 1:
[[Wikipedia:Nessus (software)|Nessus]] is a proprietary [[Wikipedia:Vulnerability scanner|vulnerability scanner]] available free of charge for personal use. There are [http://www.nessus.org/plugins/ over 40000 plugins] covering a large range of both local and remote flaws.
+
[[Category:Networking]]
 +
[[Category:Security]]
 +
[[ja:Nessus]]
 +
[[ru:Nessus]]
 +
[[Wikipedia:Nessus (software)|Nessus]] is a proprietary [[Wikipedia:Vulnerability scanner|vulnerability scanner]] available free of charge for personal use. There are [http://www.tenable.com/plugins/ over 40,000 plugins] covering a large range of both local and remote flaws.
  
==Installation==
+
== Installation ==
Download and extract the source tarball from the {{AUR|nessus}} page on the [[AUR]]:
+
{{bc|$ wget https://aur.archlinux.org/packages/nessus/nessus.tar.gz
+
$ tar xvf nessus.tar.gz}}
+
  
Go to http://tenable.com/products/nessus/nessus-download-agreement, agree to the license and download the package:
+
Download and extract the {{AUR|nessus}} tarball available in the [[AUR]].
*32-bit: Nessus-5.0.0-fc16.i386.rpm (12103 KB)
+
*64-bit: Nessus-5.0.0-fc16.x86_64.rpm (12092 KB)
+
  
Move the RPM file into into the {{ic|nessus}} directory:
+
{{Note|As of April 26, 2016, it is no longer required to agree and download the Nessus rpm. A script will run and download the rpm from the Nessus site automatically. If it appears that nothing is happening, please be patient as the script runs wget silently. The installation will proceed after the rpm is downloaded.}}
{{bc|$ cd nessus
+
$ mv ~/Downloads/Nessus-5.0.0-fc16.x86_64.rpm .}}
+
  
Then, make (and install) the package and any needed dependencies:
+
== Post-installation setup ==
{{bc|$ makepkg -csi}}
+
  
==Post-installation setup==
+
Register your email at http://www.tenable.com/products/nessus/nessus-plugins/obtain-an-activation-code and wait for your key to be emailed to you.
Create an SSL certificate for the Nessus web interface:
+
{{bc|# /opt/nessus/sbin/nessus-mkcert}}
+
  
Register your email at http://nessus.org/register/ and wait for your key to be emailed to you. Then, download all the plugins from the feed with:
+
== Usage ==
{{bc|# /opt/nessus/bin/nessus-fetch --register <your key here>}}
+
  
{{Note|If you are behind a proxy, you need to modify {{ic|/opt/nessus/etc/nessus/nessus-fetch.rc}}.}}
+
The {{AUR|nessus}} package provides a {{ic|nessusd.service}} unit file, see [[systemd#Using units]] for details.
  
Create a Nessus admin user (unrelated to *nix style users):
+
Access the web interface at https://localhost:8834 and/or use the commandline interface ({{ic|/opt/nessus/sbin/nessuscli}}). In most browsers, you will need to manually accept the SSL certificate you created for the server.
{{bc|# /opt/nessus/sbin/nessus-adduser}}
+
  
==Usage==
+
== Removal ==
Start the [[daemon]]:
+
{{bc|# rc.d start nessusd}}
+
  
You probably do not want to add it to the {{ic|DAEMONS}} array in {{ic|/etc/rc.conf}}.
+
The package can be removed with [[pacman#Removing packages|pacman]], but files created by Nessus, such as the plugin database it downloads, must be removed manually:
  
Access the web interface at https://localhost:8834 and/or use the commandline interface ({{ic|/opt/nessus/bin/nessuscmd}}). In most browsers, you will need to manually accept the SSL certificate you created for the server.
+
{{Note|This will delete your Nessus configuration files.}}
  
==Removal==
+
# rm -r /opt/nessus
The package can be removed with pacman, but files created by nessus (such as the plugin database it downloads) must be removed manually:
+
{{Note|This will delete your nessus configuration files.}}
+
{{bc|# rm -r /opt/nessus}}
+
  
[[Category:Networking]]
+
== See also ==
[[Category:Security]]
+
 
 +
* [http://www.tenable.com/products/nessus/documentation  The multilanguage official documentation]
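Review bot: In the new Usage paragraph, "the SSL certificate you created for the server" no longer refers to anything, because this revision drops the "Create an SSL certificate for the Nessus web interface" step and its nessus-mkcert command from Post-installation setup. Either keep that step or reword the sentence so it does not point at a step the reader never performed. The new installation note also says the script fetches the rpm with wget silently but does not say whether the download is checked against a checksum; it would help to state that explicitly.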

Latest revision as of 18:55, 15 May 2016

Nessus is a proprietary vulnerability scanner available free of charge for personal use. There are over 40,000 plugins covering a large range of both local and remote flaws.

Installation

Download and extract the nessus tarball available in the AUR.

Note: As of April 26, 2016, it is no longer necessary to accept the license agreement and download the Nessus rpm yourself. A script downloads the rpm from the Nessus site automatically. If nothing appears to be happening, be patient: the script runs wget silently, and the installation proceeds once the rpm has been downloaded.

Post-installation setup

Register your email at http://www.tenable.com/products/nessus/nessus-plugins/obtain-an-activation-code and wait for your key to be emailed to you.

Usage

The nessus package (AUR) provides a nessusd.service unit file; see systemd#Using units for details.

Access the web interface at https://localhost:8834 and/or use the command-line interface (/opt/nessus/sbin/nessuscli). In most browsers, you will need to manually accept the SSL certificate you created for the server.
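Before accepting the browser warning, the certificate served on port 8834 can be compared with the fingerprint of the server certificate file on the Nessus host. The script below is an added example, not part of the ArchWiki page or the nessus package; the certificate file path is an assumption supplied on the command line, since the page does not give it.

```python
"""Pin the self-signed certificate served by a local Nessus web interface."""
import hashlib
import hmac
import ssl
import sys

NESSUS_ADDR = ("localhost", 8834)  # host and port as given on the page


def fingerprint(pem_cert: str) -> str:
    """SHA-256 fingerprint of a PEM certificate, as colon-separated hex."""
    der = ssl.PEM_cert_to_DER_cert(pem_cert)
    digest = hashlib.sha256(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def normalize(fp: str) -> str:
    """Make fingerprints comparable regardless of case, colons or spaces."""
    return fp.replace(":", "").replace(" ", "").strip().upper()


def matches_pin(pem_cert: str, pinned_fp: str) -> bool:
    """True only if the certificate hashes to the pinned fingerprint."""
    return hmac.compare_digest(normalize(fingerprint(pem_cert)),
                               normalize(pinned_fp))


def fetch_served_cert(addr=NESSUS_ADDR) -> str:
    """Fetch the certificate the server presents; no chain validation is
    done here, because the comparison with the pin is the actual check."""
    return ssl.get_server_certificate(addr)


def check_server(pinned_fp: str, addr=NESSUS_ADDR, fetch=fetch_served_cert) -> bool:
    """Compare the served certificate with a fingerprint recorded out of band."""
    return matches_pin(fetch(addr), pinned_fp)


if __name__ == "__main__":
    # Assumption: argv[1] is the path to the server certificate (PEM) on the
    # Nessus host; the location depends on the installation.
    with open(sys.argv[1], encoding="ascii") as fh:
        pin = fingerprint(fh.read())
    print("pinned fingerprint:", pin)
    ok = check_server(pin)
    print("served certificate matches" if ok else "MISMATCH: do not accept")
    sys.exit(0 if ok else 1)
```

The fingerprint printed here is the value to compare with what the browser shows in its certificate details before adding the exception.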

Removal

The package can be removed with pacman, but files created by Nessus, such as the plugin database it downloads, must be removed manually:

Note: This will delete your Nessus configuration files.
# rm -r /opt/nessus

See also