Nessus is a powerful vulnerability scanner with over 40000 plugins, covering local and remote flaws.
Download and extract the taurball:
$ wget https://aur.archlinux.org/packages/nessus/nessus.tar.gz $ tar xvf nessus.tar.gz
Download the rpm from http://www.nessus.org/download/nessus_download.php.
- 32-bit: Nessus-4.4.0-fc14.i386.rpm (12103 KB)
- 64-bit: Nessus-4.4.0-fc14.x86_64.rpm (12092 KB)
Move the rpm into in the nessus directory.
$ cd nessus $ mv ~/download/Nessus-4.4.0-fc14.x86_64.rpm .
Then, make (and install) the package:
$ makepkg -csi
Create an SSL certificate for the Nessus web interface:
Register your email at http://nessus.org/register/ and wait for your key to be emailed to you. Then, download all the plugins from the feed with:
# /opt/nessus/bin/nessus-fetch --register <your key here>
Create a Nessus admin user (unrelated to *nix style users):
Start the daemon just like any other:
# /etc/rc.d/nessus start
Access the web interface at https://localhost:8834 and/or use the commandline interface (/opt/nessus/bin/nessuscmd).
The package can be removed with pacman, but files created by nessus (such as the plugin database it downloads) must be removed manually:
# rm -r /opt/nessus