Friday, October 31, 2008

Legs Pain Weak Wikihow

scanning session, find vulnerabilities in your server.

s Hi everyone, if you followed all the explanations of Network Tutorial and have installed and configured your server. For now, nothing wrong will not use a tool that we detect all the "black hole" that can have our server.
on this entry will explain how to download, install and configure Nessus

.
Nessus Scan is a Vulnerabilidadades that more or less simulate attacks Intrusion our Team.

In operation normal

nessus starts scanning

ports with nmap

or its own port scanner to find open ports and then try several exploits to attack. Vulnerability testing, available as a long list of plugins are written in NASL
(Nessus Attack Scripting Language, Language Nessus Attack Scripting for short), a scripting language optimized for personalized interactions in networks.
Optionally, the scan results reports can be exported in several formats including plain text, XML

,

HTML and LaTeX

. The results may also be stored in a knowledge base for reference in future vulnerability scans.



ATTENTION: Some of the Nessus vulnerability testing can cause services or operating systems become corrupt and fall. The user can avoid this by disabling "unsafe test" (testing is not safe) before scanning.

Well, let's first page of nessus (
www.nessus.org
) and then go to the download (
DOWNLOADS
).





That gives us the option of choosing a version of nessus

and SO And if we want the server or the client, choose the server,









Then we will see a commercial license. We went down and select
I accept.










Then we have to fill the squares with our data. Be sure to put the mail

properly because that's where they will receive a verification code.





finally shown us the links descarga.Elegiremos the Ubuntu package (Nessus-3.2.1- ubuntu804_i386.deb
) Once selected, press the DOWNLOAD button. .

Once you have prepared your package or downloaded, it will install normally from the Console: julian @ ubuntu: ~ / Downloads $ dpkg-i Nessus-3.2.1-ubuntu804_i386.deb [sudo] password for julian:

nessus Selecting previously deselected package. (Reading database ...

176436 files and directories currently installed.) Unpacking nessus (from Nessus-3.2.1-ubuntu804_i386.deb) ... Configuring

nessus (3.2.1) ...
nessusd (Nessus) 3.2.1. for Linux
(C) 1998 - 2008 Tenable Network Security, Inc.

Processing the Nessus plugins... [##################################################]



All plugins loaded



- Please run /opt/nessus/sbin/nessus-adduser to add an admin user - Register your Nessus scanner at http://www.nessus.org/register/ to obtain

all the newest plugins

-
You can start nessusd by typing /etc/init.d/nessusd
start



Processing triggers for libc6 ...
ldconfig deferred processing now
Taking place
We must change the directory where it was installed Nessus,
default is / opt / nessus



julian @ ubuntu: ~ $
cd / opt / nessus

Now run the file nessus-add-first-user to create you a user
to Nessus.
julian @ ubuntu: / opt / nessus $


sudo nessus-add-first-user


Using / var / tmp as a temporary file holder



Add a new user nessusd ----------------------

Login : julito
Authentication (pass/cert) [pass] :
Login password :
Login password (again) :
User rules
----------
nessusd has a rules system which allows you to restrict the hosts

that julito has the right to test. For instance, you may want
him to be able to scan his own host only.

Please see the nessus-adduser(8) man page for the rules syntax

Enter the rules for this user, and hit ctrl-D once you are done :
(the user Can Have an empty rules set)
default-accept
NOTE: add: default-accept and press CTRL + D


Login: julito
Password:
*********** DN: Rules

:

default-accept

Is that ok? (Y / n) [y] and user

added.


In this step we create the User Certificate: julian @ ubuntu: / opt / nessus $ sudo nessus-mkcert-client
Do you want to register the users in the Nessus server

as soon as you create their certificates ? (y/n): y
This script will now ask you the relevant information to create the SSL

client certificates for Nessus.
Client certificates life time in days [365]:
Your country (two letter code) [FR]: es
Your state or province name [none]: alicante
Your location (e.g. town) [Paris]: españa

Your organization [none]:
Your organizational unit [none]:
**********
We are going to ask you some question for each client certificate
If some question has a default answer, you can force an empty answer by

entering a single dot '.'
*********
User #1 name (e.g. Nessus username): julito
Client certificates life time in days [365]:
Country (two letter code) [es]: es <<-- State or province name [alicante]: Location (e.g. town) [españa]:

Organization []:
Organization unit []:
e-mail []: xxxxxxx@gmail.com
Generating RSA private key, 1024 bit long modulus
.....................++++++

.............++++++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated


into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [FR]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server's hostname) []:Email Address []:Using configuration from /tmp/nessus-mkcert.9081/stdC.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'es'
stateOrProvinceName :PRINTABLE:'alicante'
localityName :T61STRING:'espa\0xFFFFFFC3\0xFFFFFFB1a'
commonName :PRINTABLE:'julito'
emailAddress :IA5STRING:'xxxxxxx@gmail.com'
Certificate is to be certified until Oct 31 15:02:41 2009 GMT (365 days)
Write out database with 1 new entries
Data Base Updated

User rules
----------
nessusd has a rules system which allows you to restrict the hosts
that has the right to test. For instance, you may want
him to Be Able to scan His own host only.
Please see the nessus-adduser (8) man page for the rules syntax Enter
the rules for this user, hit Ctrl-D and Once You Are Done:
(the user Can Have an empty rules set)
default-Acceptus added to Nessus.
Another client certificate? n
Your client certificates are in. / tmp/nessus-mkcert.9081
You Will Have Them to copy by hand

answer questions as they want, make sure the first question (Do you want to register the users in the Nessus server ...) make the case that if the user created for nessus and the program is installed on the same PC.
Once done, let's run the nessus daemon. With this we will start the nessus server. This is necessary to do every time they use the program as nessus GTK client console even need a server to connect. But does not work. (And let it load the plugins (this may take a few minutes).
julian @ ubuntu: / opt / nessus sudo $ nessusd-D
loading the plugins ..
1234 (out of 24,078)
All plugins loaded
Vale now we install the activation code, therefore we go to:
http://www.nessus.org/plugins/index.php?view=register-info and how we want to use Free Form:

click on:
registe a Home Feed




Casillas then fill in with our data





And we go to our E-mail:


When you have the activation number, key on the console:

julian @ ubuntu: / opt / nessus $ sudo nessus-fetch - register xxxx-xxxx-xxxx-xxxx-xxxx Your
activation code Has Been Properly registered - thank you.
Now fetching the newest plugin plugins.nessus.org from September ... Your
Nessus installation is now up-to-date.
Make sure to call Regularly use the command 'nessus-update-plugins' to stay up-to-date
To automate the update process, please visit





For the Post tells us, our enta Nessus installation date


On page nessus, plugins are updated constantly. Therefore, you should always be current. There are three ways to upgrade:

1) : Let the console and type this: julian @ ubuntu: / opt / nessus $
sudo nessus-update-plugins

going to take a long time. This should be done every day to keep up to date with the plugins.

2):
We go to the nessus website, the party plugins, select those that interest us, we copy and paste into
/ opt / nessus / lib / nessus / plugins format. nasl using the text editor you want. This is used because when you upgrade, the older plugins are not lowered, so you should do with the plugins that most interest you, so least once.
3): From the Console and CRON

, scheduled updating, for example at 3 am:


julian @ ubuntu: ~ $ sudo crontab-e

[sudo] password for julian :







You add a new line, the following:
0 3 * * * / usr / local / sbin / nessus-update-plugins

After
Press Ctrl + X


crontab: installing new crontab



Well, we only Test Nessus with our team to create it in the directory. / Opt / nessus / bin File
targets.txt
with the following information:



nessus-q 127.0.0.1 1241 usuariodenessus contraseñadelusuario / opt / nessus / bin / targets.txt / opt / nessus / bin / results.txt / / The

this file MUST be Created
ALWAYS
we want to start a scan, if you are directed to another computer by changing the IP address.
And not to further lengthen the Entry into another Post, explain how to begin scanning.
A GREETING.
PUDI.


0 comments:

Post a Comment