information gathering – nessus

Nessus is the world's most widely-deployed vulnerability and configuration assessment product with more than five million downloads to date.

Backtrack 5 R1

1. http://www.tenable.com/products/nessus/select-your-operating-system

2. Nessus-5.0.1-debian6_i386.deb

3. Save to root.

4. root@bt:~# dpkg -i Nessus-5.0.1-debian6_i386.deb

(Reading database ... 241215 files and directories currently installed.)
Preparing to replace nessus 4.4.1 (using Nessus-5.0.1-debian6_i386.deb) ...
Shutting down Nessus : .
Unpacking replacement nessus ...
Setting up nessus (5.0.1) ...
Fetching the newest plugins from nessus.org...
Fetching the newest updates from nessus.org...
Done. The Nessus server will start processing these plugins within a minute
nessusd (Nessus) 5.0.1 [build R23111] for Linux
(C) 1998 - 2012 Tenable Network Security, Inc.

Processing the Nessus plugins...
[##################################################]

All plugins loaded

- You can start nessusd by typing /etc/init.d/nessusd start
- Then go to https://bt:8834/ to configure your scanner

5. http://www.nessus.org/products/nessus/nessus-plugins/obtain-an-activation-code

6. root@bt:~#cd /opt/nessus/bin/

7. root@bt:/opt/nessus/bin# nessus-fetch --register xxxx-xxxx-xxxx-xxxx

Your Activation Code has been registered properly - thank you.
Now fetching the newest plugin set from plugins.nessus.org...
Your Nessus installation is now up-to-date.
If auto_update is set to 'yes' in nessusd.conf, Nessus will
update the plugins by itself.

8. root@bt:/opt/nessus/bin#cd /opt/nessus/sbin/

9. root@bt:/opt/nessus/sbin# nessus-adduser

10. root@bt:/opt/nessus/sbin#cd /etc/init.d/

11. root@bt:/etc/init.d# nessusd start

nessusd (Nessus) 5.0.1 [build R23111] for Linux
(C) 1998 - 2012 Tenable Network Security, Inc.

Processing the Nessus plugins...
[##################################################]

All plugins loaded

12. web browse to https://localhost:8834/
--------------------------------------------------------

Update Nessus manually

1. update nessus
root@bt:~# cd /opt/nessus/sbin/
root@bt:/opt/nessus/sbin# nessus-update-plugins

Fetching the newest updates from nessus.org...
Done. The Nessus server will start processing these plugins within a minute

2. Manually start processing if nothing happens after update.

root@bt:/opt/nessus/sbin# /opt/nessus/sbin/nessusd -R

nessusd (Nessus) 5.0.1 [build R23111] for Linux
(C) 1998 - 2012 Tenable Network Security, Inc.

Processing the Nessus plugins...
[#####                                             ]

-------------------------------------------------------------

ENABLING WINDOWS SERVER 2008 LOGINS FOR NESSUS LOCAL AND REMOTE AUDITS

1. Under Windows Firewall -> Windows Firewall Settings, “File and Printer Sharing” must be enabled.

2. Create a new account with Admin level rights. The username can be anything you wish.

3. Enable Remote Registry. Under Services.

4. Disable UAC by un ticking. This will require a reboot.

While scanning with Nessus if you see the below log listed under info investigate that the remote registry service is started, UAC is turned off and the user account is set to Admin privileges.

Nessus Windows Scan Not Performed with Admin Privileges

 

 

 

 

 

 

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s