Nessus is the world's most widely-deployed vulnerability and configuration assessment product with more than five million downloads to date.
Backtrack 5 R1
1. http://www.tenable.com/products/nessus/select-your-operating-system
2. Nessus-5.0.1-debian6_i386.deb
3. Save to root.
4. root@bt:~# dpkg -i Nessus-5.0.1-debian6_i386.deb
(Reading database ... 241215 files and directories currently installed.)
Preparing to replace nessus 4.4.1 (using Nessus-5.0.1-debian6_i386.deb) ...
Shutting down Nessus : .
Unpacking replacement nessus ...
Setting up nessus (5.0.1) ...
Fetching the newest plugins from nessus.org...
Fetching the newest updates from nessus.org...
Done. The Nessus server will start processing these plugins within a minute
nessusd (Nessus) 5.0.1 [build R23111] for Linux
(C) 1998 - 2012 Tenable Network Security, Inc.
Processing the Nessus plugins...
[##################################################]
All plugins loaded
- You can start nessusd by typing /etc/init.d/nessusd start
- Then go to https://bt:8834/ to configure your scanner
5. http://www.nessus.org/products/nessus/nessus-plugins/obtain-an-activation-code
6. root@bt:~#cd /opt/nessus/bin/
7. root@bt:/opt/nessus/bin# nessus-fetch --register xxxx-xxxx-xxxx-xxxx
Your Activation Code has been registered properly - thank you.
Now fetching the newest plugin set from plugins.nessus.org...
Your Nessus installation is now up-to-date.
If auto_update is set to 'yes' in nessusd.conf, Nessus will
update the plugins by itself.
8. root@bt:/opt/nessus/bin#cd /opt/nessus/sbin/
9. root@bt:/opt/nessus/sbin# nessus-adduser
10. root@bt:/opt/nessus/sbin#cd /etc/init.d/
11. root@bt:/etc/init.d# nessusd start
nessusd (Nessus) 5.0.1 [build R23111] for Linux
(C) 1998 - 2012 Tenable Network Security, Inc.
Processing the Nessus plugins...
[##################################################]
All plugins loaded
12. web browse to https://localhost:8834/
--------------------------------------------------------
Update Nessus manually
1. update nessus
root@bt:~# cd /opt/nessus/sbin/
root@bt:/opt/nessus/sbin# nessus-update-plugins
Fetching the newest updates from nessus.org...
Done. The Nessus server will start processing these plugins within a minute
2. Manually start processing if nothing happens after update.
root@bt:/opt/nessus/sbin# /opt/nessus/sbin/nessusd -R
nessusd (Nessus) 5.0.1 [build R23111] for Linux
(C) 1998 - 2012 Tenable Network Security, Inc.
Processing the Nessus plugins...
[##### ]
-------------------------------------------------------------
ENABLING WINDOWS SERVER 2008 LOGINS FOR NESSUS LOCAL AND REMOTE AUDITS
1. Under Windows Firewall -> Windows Firewall Settings, “File and Printer Sharing” must be enabled.
2. Create a new account with Admin level rights. The username can be anything you wish.
3. Enable Remote Registry. Under Services.
4. Disable UAC by un ticking. This will require a reboot.
While scanning with Nessus if you see the below log listed under info investigate that the remote registry service is started, UAC is turned off and the user account is set to Admin privileges.
Nessus Windows Scan Not Performed with Admin Privileges
myexploit 