Monday, March 5, 2012

Nessus Vulnerability Scanner

Sponsored Links

Nessus  is the world’s most widely-deployed vulnerability and configuration assessment product. Features includes high-speed discovery, configuration auditing or misconfiguration check (e.g. open mail relay, missing patches, etc), asset profiling, sensitive data discovery, patch management integration, PCI DSS audits and vulnerability analysis. Nessus mainly check for vulnerabilities rather than rootkits by chkrootkit, rkhunter or LMD.

You can download the rpm from nessus.org

Install nessus using rpm
[root@server src]# rpm -ivh Nessus-5.0.0-es5.i386.rpm
Preparing...                ########################################### [100%]
   1:Nessus                 ########################################### [100%]
nessusd (Nessus) 5.0.0 [build R23018] for Linux
(C) 1998 - 2012 Tenable Network Security, Inc.
Processing the Nessus plugins...
[##################################################]
All plugins loaded
 - You can start nessusd by typing /sbin/service nessusd start
 - Then go to https://server.lap.work:8834/ to configure your scanner
[root@server src]#

Start the nessus service
[root@server src]# /sbin/service nessusd start
Starting Nessus services:                                  [  OK  ]
[root@server src]#

Nessus defaultly binds to 8834.
[root@server src]# netstat  -ntpla | grep 8834
tcp        0      0 0.0.0.0:8834                0.0.0.0:*                   LISTEN      5754/nessusd
tcp        0      0 :::8834                          :::*                            LISTEN      5754/nessusd
[root@server src]#

Now you can access the nessus through web interface by accessing
https://IP_address_of_the_nessus_server:8834

You have to get free or enterprise license from nessus.org. Then you can create the admin account for making scans and reports.
Sponsored Links

No comments:

Post a Comment

Be nice. That's all.