Installing newest Nessus Security Scanner on Debian Testing/Unstable (Squeeze/Sid) Linux
First it's necessary to install the nessus and nessusclient Debian packages using apt-get or aptitude:
debian:~# apt-get install nessus nessusclient
Next you need to edit /opt/nessus/etc/nessus/nessusd.conf and configure it properly. My working nessusd.conf configuration file can be downloaded from here.
In my configuration nessusd is set to listen for connections from the GUI client on port 1251.
To start the nessusd server you need to invoke the init script:
debian:~# /etc/init.d/nessusd start
The nessus graphical client is started by executing /opt/nessus/bin/NessusClient or by launching it from the Gnome / KDE menus.
Before you start connecting to the nessus server, an authentication user must be created via the command:
debian:~# /opt/nessus/sbin/nessus-adduser
This program is similar to /usr/sbin/adduser and will ask you a few questions; the output of the program is as follows:
noah:/opt/nessus/bin# /opt/nessus/sbin/nessus-adduser
Login : asdf
Login password :
Login password (again) :
Passwords do not match!
Login password :
Login password (again) :
Do you want this user to be a Nessus 'admin' user ? (can upload plugins, etc...) (y/n) [n]: n
User rules
----------
nessusd has a rules system which allows you to restrict the hosts
that asdf has the right to test. For instance, you may want
him to be able to scan his own host only.
Please see the nessus-adduser manual for the rules syntax
Enter the rules for this user, and enter a BLANK LINE once you are done :
(the user can have an empty rules set)
Login : asdf
Password : ***********
Rules :
Is that ok ? (y/n) [y]
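The steps above leave three things worth checking before the first client connection: the port nessusd actually listens on, the rules handed to the new user (the "scan his own host only" case is the least-privilege one), and the servercert.pem / cacert.pem pair the client is given. The script below is an added example, not code from the original post or from Nessus itself. It assumes the post's paths and port (/opt/nessus/etc/nessus/nessusd.conf, 1251, servercert.pem, cacert.pem) and the nessus-adduser(8) rules syntax (accept|deny <ip>[/<masklen>], closed by a default accept|deny line); the conf and rules files it checks in the demo are constructed inline so it runs without a nessusd.

```sh
#!/bin/sh
# Added example: offline sanity checks for a fresh nessusd setup.
# Assumptions (from the post, not verified here): listen_port key in
# nessusd.conf, port 1251, cert files servercert.pem and cacert.pem.

# Print the value of "listen_port = N" from a nessusd.conf (last one wins).
listen_port() {
    port=$(sed -n 's/^[[:space:]]*listen_port[[:space:]]*=[[:space:]]*\([0-9][0-9]*\).*/\1/p' "$1" | tail -n 1)
    [ -n "$port" ] || return 1
    printf '%s\n' "$port"
}

# True if $1 is a dotted-quad IPv4 address. Subshell body keeps IFS local.
valid_ipv4() (
    IFS=.
    set -- $1
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|*[!0-9]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
)

# True if $1 is one well-formed nessus-adduser rule line.
valid_rule() {
    case $1 in
        "default accept"|"default deny") return 0 ;;
        "accept "*|"deny "*)
            target=${1#* }
            addr=${target%%/*}
            mask=${target#*/}
            [ "$mask" = "$target" ] && mask=32   # bare address: implicit /32
            case $mask in ''|*[!0-9]*) return 1 ;; esac
            [ "$mask" -le 32 ] || return 1
            valid_ipv4 "$addr" ;;
        *) return 1 ;;
    esac
}

# Check a whole rules file: every line must parse and the last line must be
# an explicit "default" rule, so the user's reach is never left implicit.
check_rules() {
    last=
    while IFS= read -r line || [ -n "$line" ]; do
        [ -z "$line" ] && continue
        valid_rule "$line" || { printf 'bad rule: %s\n' "$line" >&2; return 1; }
        last=$line
    done < "$1"
    case $last in "default "*) return 0 ;; *) return 1 ;; esac
}

# Rules confining a user to one host ("scan his own host only").
single_host_rules() {
    printf 'accept %s/32\ndefault deny\n' "$1"
}

# Offline certificate check: does servercert.pem chain to cacert.pem?
# A pair that fails here is one reason a client sees an SSL error.
check_certs() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Live check from the client side: is TLS answered on host:port with a
# certificate the CA file trusts? Needs a running nessusd; not run in demo.
probe_tls() {
    printf '' | openssl s_client -connect "$1:$2" -CAfile "$3" >/dev/null 2>&1
}

# Demo on constructed files (no network and no nessusd needed).
demo() {
    tmp=$(mktemp -d) || return 1
    printf '# constructed excerpt\nlisten_address = 127.0.0.1\nlisten_port = 1251\n' > "$tmp/nessusd.conf"
    single_host_rules 192.168.1.10 > "$tmp/asdf.rules"
    printf 'accept 192.168.1.0/24\naccept 10.0.0.1/33\ndefault deny\n' > "$tmp/bad.rules"
    printf 'listen port: %s\n' "$(listen_port "$tmp/nessusd.conf")"
    check_rules "$tmp/asdf.rules" && echo 'asdf.rules: ok'
    check_rules "$tmp/bad.rules" || echo 'bad.rules: rejected'
    rm -rf "$tmp"
}
demo
```

Paste the output of single_host_rules at the "Enter the rules for this user" prompt, one line per prompt, to give the user exactly one scannable host; run check_certs cacert.pem servercert.pem and probe_tls 127.0.0.1 1251 cacert.pem from the client machine when the GUI reports an SSL error.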
However, for some weird reason I cannot establish a proper connection with the nessus server in order to start scanning hosts for vulnerabilities.
In the nessus client connection configuration I had already included my previously generated servercert.pem and cacert.pem.
I used nessus-mkrand to generate the servercert.pem and cacert.pem.
I've made many attempts to log in to my just installed nessus server, but every time I tried using the nessus client it returned connection errors to the server saying:
The remote host does not seem to be a Nessus server (or an SSL error occured)
I've tried a couple of things to deal with the connection problem; for instance I tried not using the SSL certificate, but it didn't help at all.
I've also found some references on the Net where other people explained experiencing the same shitty error, so I finally decided not to use the nessus client application and instead use the web interface.
I could successfully access the web interface of the nessusd server through https://127.0.0.1:8834/ in a browser; I personally prefer Opera.
It's a bit shitty that the web interface of nessus uses Adobe Flash to show some of the page content; the Flash plugin was sometimes crashing my Opera browser, which I used to access the web interface of the nessus server on my Linux.
Using nessus through a browser is really not that pleasant an experience because of the browser crashes, but it's still working, and browser crashes caused by the Linux Flash player occur every few scans issued with nessus :)