Nessus 2.2.10 "scan stops incomplete with remote
host is dead message" on Debian Sid / How to resolve the Nessus not
scanning issues on Debian Sid(Testing/unstable)
I haven't used my nessus installation which seemed to be hanging
around since more than a year.
I have no memory which exactly was the last case I used Nessus in
order to conduct some automated general Security testing of Linux
and Windows servers. However when I launched the nessus client and
logged in to the Nessusd server and attempted to scan a host, I
experienced an issue, whether scan was terminated in just about 3
seconds time.
I checked
nessusd's log file
/var/log/nessus/nessusd.messages and found messages
claiming, some file nessus plugin rules file dependencies were
missing. The whole list of the file dependencies which caused my
nessusd misbehaving you can read in
nessusd.messages
In order to check this issues I had to select the tick
Enable
Dependencies at runtime in my
Nessus Plugins tab
This solved the dependencies issues, however the nessus scanner was
completing it's scan in just a few seconds once again.
This time checking the nessus log file doesn't provided me with any
meaningful information on what could be causing Nessus refusals to
scan the node's security.
A search in
Google pointed me
to the following
forum which
suggested a solution to the problems with nessus
misbehaves.
The solution is really simple, somehow the whole scanning issues
are caused by two Ticks in Nessus client program interface:
To solve the issues go to Nessus Client in
Prefs. tab and
uncheck the
Do a TCP ping and
Do an ICMP ping that
will solve the issue for you.
Anyways before I can proceed to that first It was necessery for me
to add a new user to it and start the nessus service.
Here is how I achieved that:
root@noah:~# nessus-adduser
Now you will have to answer to a few questions:
Add a new nessusd user
----------------------
Login : baklava
Authentication (pass/cert) [pass] :
Login password :
Login password (again) :
User rules
---------- nessusd has a rules system which allows you to restrict
the hosts
that baklava has the right to test. For instance, you may
want
him to be able to scan his own host only.
Please see the nessus-adduser(8) man page for the rules
syntax
.
Enter the rules for this user, and hit ctrl-D once you are done
:
(the user can have an empty rules set)
Login : baklava
Password : ***********
DN :
Rules :
Is that ok ? (y/n) [y]
All you need to fill from the above fill in fields is is the
Login and Login Password
After you have filled that you have to press ctrl-D as the text
instructs you.
On the "Is that ok field" just answer y and continue to
bringing up the Nessus Network server.
Before you bring up the nessus daemon listening for connections
from the nessus client, you'll have to provide the server with a
well configured nessusd.conf
I decided to share with you my nessusd.conf file in order to make
your file a bit easier on that.
Download the
copy of nessusd.conf here and place it in:
/etc/nessusd/ directory on your Linux
system.
root@noah:~# /etc/init.d/nessusd start
Now I simply launched the nessus client program
and started the scan. Thanksfully now Nessus worked like a charm !
:)