s Hi everyone, if you followed all the explanations of Network Tutorial and have installed and configured your server. For now, nothing wrong will not use a tool that we detect all the "black hole" that can have our server.
on this entry will explain how to download, install and configure Nessus
.
Nessus Scan is a Vulnerabilidadades that more or less simulate attacks Intrusion our Team.
In operation normal
nessus starts scanning
ports with nmap
or its own port scanner to find open ports and then try several
exploits to attack. Vulnerability testing, available as a long list of plugins are written in NASL (Nessus Attack Scripting Language, Language Nessus Attack Scripting for short), a scripting language optimized for personalized interactions in networks.
Optionally, the scan results reports can be exported in several formats including plain text, XML
,
HTML and LaTeX
. The results may also be stored in a knowledge base for reference in future vulnerability scans.
ATTENTION:
Some of the Nessus vulnerability testing can cause services or operating systems become corrupt and fall. The user can avoid this by disabling "unsafe test" (testing is not safe) before scanning. Well, let's first page of nessus (
www.nessus.org
) and then go to the download (
DOWNLOADS
).
That gives us the option of choosing a version of nessus
and SO And if we want the server or the client, choose the server,
Then we will see a commercial license. We went down and select
I accept.
Then we have to fill the squares with our data. Be sure to put the mail
properly because that's where they will receive a verification code.
finally shown us the links descarga.Elegiremos the Ubuntu package (Nessus-3.2.1- ubuntu804_i386.deb
) Once selected, press the DOWNLOAD button. .
Once you have prepared your package or downloaded, it will install normally from the Console: julian @ ubuntu: ~ / Downloads $ dpkg-i Nessus-3.2.1-ubuntu804_i386.deb [sudo] password for julian:
nessus Selecting previously deselected package. (Reading database ...
176436 files and directories currently installed.) Unpacking nessus (from Nessus-3.2.1-ubuntu804_i386.deb) ... Configuring
nessusd (Nessus) 3.2.1. for Linux
(C) 1998 - 2008 Tenable Network Security, Inc.
Processing the Nessus plugins... [##################################################] All plugins loaded
- Please run /opt/nessus/sbin/nessus-adduser to add an admin user
- Register your Nessus scanner at http://www.nessus.org/register/ to obtain all the newest plugins
-
You can start nessusd by typing /etc/init.d/nessusd
start
Processing triggers for libc6 ...
ldconfig deferred processing now
Taking place
We must change the directory where it was installed Nessus,
default is / opt / nessus
julian @ ubuntu: ~ $
cd / opt / nessus
Now run the file nessus-add-first-user to create you a user to Nessus.
julian @ ubuntu: / opt / nessus $
sudo nessus-add-first-user
Using / var / tmp as a temporary file holder
Add a new user nessusd ----------------------
Login : julito
Authentication (pass/cert) [pass] :
Login password :
Login password (again) :
User rules
----------
nessusd has a rules system which allows you to restrict the hosts
that julito has the right to test. For instance, you may want
him to be able to scan his own host only.
Please see the nessus-adduser(8) man page for the rules syntax
Enter the rules for this user, and hit ctrl-D once you are done :
(the user Can Have an empty rules set)
default-accept
NOTE: add: default-accept and press CTRL + D
Login: julito
Password:
*********** DN: Rules
:
default-accept
Is that ok? (Y / n) [y] and user
added.
In this step we create the User Certificate: julian @ ubuntu: / opt / nessus $ sudo nessus-mkcert-client
Do you want to register the users in the Nessus server
as soon as you create their certificates ? (y/n): y
This script will now ask you the relevant information to create the SSL
client certificates for Nessus.
Client certificates life time in days [365]:
Your country (two letter code) [FR]: es
Your state or province name [none]: alicante
Your location (e.g. town) [Paris]: españa
Your organization [none]:
Your organizational unit [none]:
**********
We are going to ask you some question for each client certificate
If some question has a default answer, you can force an empty answer by
entering a single dot '.'
*********
User #1 name (e.g. Nessus username): julito
Client certificates life time in days [365]:
Country (two letter code) [es]: es <<-- State or province name [alicante]: Location (e.g. town) [españa]:
Organization []:
Organization unit []:
e-mail []: xxxxxxx@gmail.com
Generating RSA private key, 1024 bit long modulus
.....................++++++
.............++++++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [FR]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server's hostname) []:Email Address []:Using configuration from /tmp/nessus-mkcert.9081/stdC.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'es'
stateOrProvinceName :PRINTABLE:'alicante'
localityName :T61STRING:'espa\0xFFFFFFC3\0xFFFFFFB1a'
commonName :PRINTABLE:'julito'
emailAddress :IA5STRING:'xxxxxxx@gmail.com'
Certificate is to be certified until Oct 31 15:02:41 2009 GMT (365 days)
Write out database with 1 new entries
Data Base Updated
User rules
----------
nessusd has a rules system which allows you to restrict the hosts
that has the right to test. For instance, you may want
him to Be Able to scan His own host only.
Please see the nessus-adduser (8) man page for the rules syntax Enter
the rules for this user, hit Ctrl-D and Once You Are Done:
(the user Can Have an empty rules set)
default-Acceptus added to Nessus.
Another client certificate? n
Your client certificates are in. / tmp/nessus-mkcert.9081
You Will Have Them to copy by hand
answer questions as they want, make sure the first question (Do you want to register the users in the Nessus server ...) make the case that if the user created for nessus and the program is installed on the same PC.
Once done, let's run the nessus daemon. With this we will start the nessus server. This is necessary to do every time they use the program as nessus GTK client console even need a server to connect. But does not work. (And let it load the plugins (this may take a few minutes).
julian @ ubuntu: / opt / nessus sudo $ nessusd-D
loading the plugins ..
1234 (out of 24,078)
All plugins loaded
Vale now we install the activation code, therefore we go to:
http://www.nessus.org/plugins/index.php?view=register-info and how we want to use Free Form:
click on:
registe a Home Feed
Casillas then fill in with our data
And we go to our E-mail:
When you have the activation number, key on the console:
julian @ ubuntu: / opt / nessus $ sudo nessus-fetch - register xxxx-xxxx-xxxx-xxxx-xxxx Your
activation code Has Been Properly registered - thank you.
Now fetching the newest plugin plugins.nessus.org from September ... Your
Nessus installation is now up-to-date.
Make sure to call Regularly use the command 'nessus-update-plugins' to stay up-to-date
To automate the update process, please visit
For the Post tells us, our enta Nessus installation date
On page nessus, plugins are updated constantly. Therefore, you should always be current. There are three ways to upgrade:
1) : Let the console and type this: julian @ ubuntu: / opt / nessus $
sudo nessus-update-plugins
going to take a long time. This should be done every day to keep up to date with the plugins.
2):
We go to the nessus website, the party plugins, select those that interest us, we copy and paste into
/ opt / nessus / lib / nessus / plugins
format. nasl using the text editor you want. This is used because when you upgrade, the older plugins are not lowered, so you should do with the plugins that most interest you, so least once. 3): From the Console and CRON
, scheduled updating, for example at 3 am:
julian @ ubuntu: ~ $ sudo crontab-e
[sudo] password for julian : You add a new line, the following:
0 3 * * * / usr / local / sbin / nessus-update-plugins
After
Press Ctrl + X
crontab: installing new crontab
Well, we only Test Nessus with our team to create it in the directory. / Opt / nessus / bin File
targets.txt
with the following information:
nessus-q 127.0.0.1 1241 usuariodenessus contraseñadelusuario / opt / nessus / bin / targets.txt / opt / nessus / bin / results.txt / / The
this file MUST be Created
ALWAYS
we want to start a scan, if you are directed to another computer by changing the IP address.
And not to further lengthen the Entry into another Post, explain how to begin scanning.
A GREETING.
0 comments:
Post a Comment