If you've been around the information security profession for any length of time, you probably have at least a passing familiarity with the Nessus vulnerability scanner. In this, the first of a series of three Nessus tips, we'll provide you with an introduction to this popular security tool and give you the information you need to install and configure your own Nessus deployment.
Nessus is a member of the family of security tools known as vulnerability scanners. As the name implies, these products scan the network for potential security risks and provide detailed reporting that enables you to remediate gaps in your security posture. These scans run using a client/server architecture, so let's discuss both pieces of that architecture.
The scan engine is available for Linux/Unix systems only (sorry Microsoft fans!). Installation is actually quite simple. If you have the Lynx HTTP browser on your system, simply run the command:
prompt$ lynx –source http://install.nessus.org | sh
This command downloads the Nessus installation script and executes it on your system. Note that the "prompt$" prompt indicates that you should run this command from a normal user account and not with root privileges. If you'd like, you may
Once you've completed the installation, you need to complete three steps to get up and running:
- Start the Nessus scan server by running the command "nessusd&"
- Add a Nessus user to your system by executing "nessus –adduser"
- Start the Nessus client and explore away!
If you'd like to run the Nessus client on a system other than the one you installed the server on, you're free to do so. You may download the NessusClient GUI for Unix systems or the NessusWX client for Windows systems from the Nessus download page. Once you've installed your client, simply point it at the IP address of your Nessus server and connect using the username and password you created in step two above.
The Nessus project began as an open-source community project more than seven years ago. While the basic Unix/Linux scanner is still freely available, many elements of the Nessus line are going commercial. Tenable Security, the current custodians of Nessus, also produce NeWT, a Windows version that uses the wizard-based installation and GUI familiar to Windows users. A free version (limited to scanning hosts on the same Class C subnet as the scanning system) is available for download from Tenable.
One last word of wisdom: the Nessus plug-ins (the scripts that provide the scanning functionality of Nessus) change frequently. Be sure to update your plug-ins from the official site on a regular basis using the "nessus-update-plugins" command on the Nessus server.
Our next tip will explore using Nessus to conduct vulnerability scans, and we'll wrap up the series with a look at deploying Nessus as part of an enterprise vulnerability scanning program.
This tip was originally published on SearchSecurity.com as part of their Nessus technical guide.
NESSUS TECHNICAL GUIDE
How to get started
How to run a system scan
How to build an enterprise scanning program
How to manage Nessus reports
How to simplify security scans
How to use Nessus with the SANS Top 20
About the author: Mike Chapple, CISSP is an IT Security Professional with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Mike is a frequent contributor to SearchSecurity, a technical editor for Information Security magazine and the author of several information security titles including the CISSP Prep Guide and Information Security Illuminated.
This was first published in April 2006