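I previously wrote an article on installing Nessus under Windows, and afterwards some readers asked me how to install it under Linux. Today I will use CentOS 6 as the example and explain how to install Nessus 4.4.1.
Related reading: [Installing and Trying Out Nessus 4.2.0, a Free Network and Host Vulnerability Assessment Tool], [Fix for Nessus Not Opening in the Browser], [Using Nessus for Web Application Security Scanning]
For the operating system I recommend wdlinux, a slimmed-down CentOS with some unneeded programs removed, which makes it very fast. Download it from 51cto.com/download_center and choose the minimal edition based on CentOS 6.0; I am using the 64-bit version here.
I won't cover the CentOS installation itself. You basically just click Next throughout, and wdlinux is even simpler: you only need to press Enter. After installation, reboot, log in as root, run setup, choose the network configuration, and set the IP address, subnet mask, gateway and so on.
Make sure CentOS can reach the Internet; you can run ping www.youxia.org to check connectivity. If the network is reachable, run: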
wget -O nessus.rpm "http://downloads.nessus.org/nessus3dl.php?file=Nessus-4.4.1-es6.x86_64.rpm&licence_accept=yes&t=48cb3b8bf81326e63ce1ec461597442e"
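That is: download the program from the official Nessus site and save it as nessus.rpm. Depending on your network speed, this takes a few minutes. When you see “nessus.rpm saved”, the download is complete. Now install Nessus by running: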
[root@wdCentOS6 ~]# rpm -ivh nessus.rpm
Preparing... ########################################### [100%]
1:Nessus ########################################### [100%]
nessusd (Nessus) 4.4.1 [build M15078] for Linux
(C) 1998 - 2011 Tenable Network Security, Inc.
Processing the Nessus plugins...
[##################################################]
All plugins loaded
- Please run /opt/nessus//sbin/nessus-adduser to add a user
- Register your Nessus scanner at http://www.nessus.org/register/ to obtain
all the newest plugins
- You can start nessusd by typing /sbin/service nessusd start
[root@wdCentOS6 ~]#
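The wget step above fetches the package over plain HTTP and rpm -ivh then installs it as root, so it is worth checking the file's digest before installing. The following is an added example, not part of the original article: verify_sha256 and install_if_verified are hypothetical helper names, and the expected digest is a placeholder that must be obtained from the vendor over a trusted channel.

```shell
#!/bin/sh
# Added example: gate the install of a downloaded package on its SHA-256 digest.
# The expected digest is an assumption/placeholder: obtain it from the vendor
# over HTTPS, never over the same plain-HTTP channel as the file itself.

# verify_sha256 FILE EXPECTED_HEX
# Returns 0 on match, 1 on mismatch, 2 on bad input (missing file, bad digest).
verify_sha256() {
    file=$1
    # Normalise to lower case so an upper-case published digest still matches
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')

    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }

    # Reject anything that is not exactly 64 hex digits
    case $expected in
        ''|*[!0-9a-f]*) echo "expected digest is not hex" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "expected digest must be 64 hex digits" >&2; return 2; }

    actual=$(sha256sum "$file" | cut -d' ' -f1)
    [ -n "$actual" ] || { echo "could not hash $file" >&2; return 2; }

    if [ "$actual" = "$expected" ]; then
        echo "OK: $file"
        return 0
    fi
    echo "MISMATCH: $file" >&2
    echo "  expected $expected" >&2
    echo "  actual   $actual" >&2
    return 1
}

# install_if_verified FILE EXPECTED_HEX
# Runs the article's rpm -ivh step only when the digest matches.
install_if_verified() {
    verify_sha256 "$1" "$2" || return $?
    rpm -ivh "$1"
}

# Usage (placeholder digest, replace with the published value):
#   install_if_verified nessus.rpm "<SHA-256 from the vendor download page>"
```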
Now we add an account:
[root@wdCentOS6 ~]# /opt/nessus//sbin/nessus-adduser
Login : youxia
Login password :
Login password (again) :
Do you want this user to be a Nessus 'admin' user ? (can upload plugins, etc...) (y/n) [n]: y
User rules
----------
nessusd has a rules system which allows you to restrict the hosts
that youxia has the right to test. For instance, you may want
him to be able to scan his own host only.
Please see the nessus-adduser manual for the rules syntax
Enter the rules for this user, and enter a BLANK LINE once you are done :
(the user can have an empty rules set)
Login : youxia
Password : ***********
This user will have 'admin' privileges within the Nessus server
Rules :
Is that ok ? (y/n) [y] y
User added
[root@wdCentOS6 ~]#
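We have now added an administrator account named “youxia”. Next, open http://www.nessus.org/products/nessus/nessus-plugins/obtain-an-activation-code to obtain an activation code. Select “Using Nessus at Home”, enter your first name, last name and e-mail address, then check your mailbox: you will receive an e-mail titled “Nessus Plugin Feed”. It contains a line like this: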
Your activation code for the Nessus HomeFeed is XXXX-XXXX-XXXX-XXXX-XXXX
That is your activation code. On CentOS, enter:
[root@wdCentOS6 ~]# /opt/nessus/bin/nessus-fetch --register XXXX-XXXX-XXXX-XXXX-XXXX (press Enter)
Your activation code has been registered properly - thank you.
Now fetching the newest plugin set from plugins.nessus.org...
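Then comes a long wait... and it really is a long wait! (The connection to Nessus's overseas servers is slow.) Once this message finishes, the registration has succeeded!
Run /opt/nessus/sbin/nessus-service -D to start Nessus, then open a browser and go to https://<your CentOS IP address>:8834 (remember that it is https, and that the port number 8834 is required) to access your Nessus!
Author: Zhang Baichuan (張百川, 網路游俠)
Website: http://www.youxia.org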