Security Scanning of Linux Server with Nessus

Nessus is a free and easy-to-use remote security scanner. A security scanner is a software which will audit a remote network and try to test whether hackers, or bad guys, may easily break into it.

Nessus security scanner is made up of two parts :

  1. a server, and
  2. a client

The server (nessusd) is actually in charge of the remote attacks, whereas the client is simply used to collect the results.

Download Nessus:

You can download the latest source of Nessus at:

http://nessus.org/download.html

Download Nessus Client:

http://nessuswx.nessus.org

Nessus Server (nessusd) Installation:

Let’s use the traditional way to install the Nessus Server.

1. Download the following latest distribution from the download site:

  • nessus-libraries-x.x.tar.gz
  • libnasl-x.x.tar.gz
  • nessus-core.x.x.tar.gz
  • nessus-plugins.x.x.tar.gz

2. Log in as root or use ‘su -‘ command to switch to root to perform the compilation.

3. cd to the directory that the Nessus distribution were downloaded to.

4. Compile and install the distribution in the following order.

5. Install nessus-libraries

tar zxvf nessus-libraries-x.x.tar.gz
cd nessus-libraries
./configure
make
make install

6. cd .. return to the directory the Nessus distribution download to.

7. Install libnasl

tar zxvf libnasl-x.x.tar.gz
cd libnasl
./configure
make
make install

8. cd .. return to the directory that the Nessus distribution were downloaded to.

9. Install nessus-core

tar zxvf nessus-core.x.x.tar.gz
cd nessus-core
./configure
make
make install

10. cd .. return to the directory that the Nessus distribution were downloaded to.

11. Install nessus-plugins

tar zxvf nessus-plugins.x.x.tar.gz
cd nessus-plugins
./configure
make
make install

12. go to /etc/ld.so.conf file and open it.

13. Add a line “/usr/local/lib” in the /etc/ld.so.conf file. Save and close the file.

14. go to /sbin directory

15. type ldconfig to complete the execution.

Nessus Client Installation:

Let’s use a Windows application (NessusWX) as the Nessus client. NessusWX is a client program for Nessus security scanner which is designed specially for Windows platform.

The installation of NessusWX is very simple.

  1. Download the self-extracting nessusWX-x.x.x-install.exe file to your computer.
  2. Double-click the nessusWX-x.x.x-install.exe file
  3. Follow the screen instruction to complete the installation

Now, both server and client of Nessus were installed. The next step is to configure the Nessus Server (nessusd).

You may also like...