Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Suggest HOWTO

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Thread Tools Display Modes
Old 3rd November 2006, 08:22
sysconfig sysconfig is offline
Junior Member
Join Date: Nov 2006
Location: (.)
Posts: 20
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to sysconfig
Default Security scan using Nessus

Nessus is a free program released under the GPL. It is a great tool designed to automate the testing and discovery of known security problems.

One of the very powerful features of Nessus is its client server technology. Servers can be placed at various strategic points on a network allowing tests to be conducted from various points of view.

Nessus is made up of two parts - a client and a server. You need a Unix-like system to use the server (Linux is just fine).

First : download and install nessusd and nessus
Second : create a nessusd account


Download Nessus and related component from the URL: http://www.nessus.org/download/ to particular directory:

* nessus-libraries-x.x.tar.gz
* libnasl-x.x.tar.gz
* nessus-core.x.x.tar.gz
* nessus-plugins.x.x.tar.gz
Now, you need compile the related tool in order to install it in your linux system.

Extract the downloaded component using command:

tar -xvzf <pkg_Nm>

which will create related directory for each component.

Installing nessus-libraries

root:~# cd nessus-libraries
root:~# ./configure
root:~# make
root:~# make install

Installing libnasl

root:~# cd libnasl
root:~# ./configure
root:~# make
root:~# make install

Installing nessus-core

root:~# cd nessus-core
root:~# ./configure
root:~# make
root:~# make install

Installing nessus-plugins

root:~# cd nessus-plugins
root:~# ./configure
root:~# make
root:~# make install

you need to set the library path in linux if it is not set/configured:

root:~# cat /etc/ld.so.conf

You should able to see the line containing "/usr/local/lib" if it is not there then add it to /etc/ld.so.conf and type the folllowing command:

root:~# ldconfig

Installation is completed.

You can use nessus-adduser to add nessusd account.

root:~# nessus-adduser

Addition of a new nessusd user

Login : renaud
Authentication (pass/cert) [pass] : pass
Password : secret

User rules
nessusd has a rules system which allows you to restrict the hosts
that renaud2 has the right to test. For instance, you may want
him to be able to scan his own host only.

Please see the nessus-adduser(8) man page for the rules syntax

Enter the rules for this user, and hit ctrl-D once you are done :
(the user can have an empty rules set)

default deny

Login : renaud
Password : secret
DN :
Rules :

default deny

Is that ok (y/n) ? [y] y

user added.
Configuration File: /usr/local/etc/nessus/nessusd.conf

Where you can set several option for nessus configuration.

* Start nessusd deameon

root:~# nessusd -D

For client side configuration check the below mentioned URL:


Courtesy: http://forums.linuxwebadmin.info/ind...pic,132.0.html

Reply With Quote
Sponsored Links
Old 3rd November 2006, 09:44
sjau sjau is offline
Local Meanie
Join Date: Apr 2006
Location: Switzerland
Posts: 1,158
Thanks: 4
Thanked 58 Times in 54 Posts

For those using Debian, there's a package available


Same goes probably for other debian based distros like mepis und *buntu
Reply With Quote


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Security Error: Domain Name Mismatch cctex10 Installation/Configuration 6 2nd August 2007 15:07
mod security exclude list. gabrix Server Operation 3 23rd October 2006 18:02
pass phrase for security rvstubbs Installation/Configuration 1 5th October 2006 11:58
SE linux problem when security context is modified raj123 Technical 1 28th June 2006 09:57
ProFTPD potential security hole domino Server Operation 3 19th August 2005 04:25

All times are GMT +2. The time now is 01:40.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.