
Installing newest Nessus Security Scanner on Debian Testing/Unstable (Squeeze/Sid) Linux

Saturday, January 15th, 2011

First, install the nessus and nessusclient Debian packages with apt-get or aptitude:

debian:~# apt-get install nessus nessusclient

Next, edit /opt/nessus/etc/nessus/nessusd.conf and configure it for your setup (at minimum, the address and port nessusd should listen on).

My working nessusd.conf configuration file can be downloaded from here

In my configuration nessusd is set to listen for connections from the GUI client on port 1251.

To start the nessusd server you need to invoke the init script:

debian:~# /etc/init.d/nessusd start

The nessus graphical client can be started by executing /opt/nessus/bin/NessusClient or via the Gnome / KDE menus.

Before connecting to the nessus server, a user account for authenticating to nessusd must be created with the command:

debian:~# /opt/nessus/sbin/nessus-adduser

This program is similar to /usr/sbin/adduser and asks a few questions; the output looks as follows:

noah:/opt/nessus/bin# /opt/nessus/sbin/nessus-adduser
Login : asdf
Login password :
Login password (again) :
Passwords do not match!
Login password :
Login password (again) :
Do you want this user to be a Nessus 'admin' user ? (can upload plugins, etc...) (y/n) [n]: n
User rules
----------
nessusd has a rules system which allows you to restrict the hosts
that asdf has the right to test. For instance, you may want
him to be able to scan his own host only.

Please see the nessus-adduser manual for the rules syntax

Enter the rules for this user, and enter a BLANK LINE once you are done :
(the user can have an empty rules set)

Login : asdf
Password : ***********
Rules :
Is that ok ? (y/n) [y]

However, for some weird reason I could not establish a proper connection with the nessus server in order to start scanning hosts for vulnerabilities.

In the nessus client connection configuration I had already included my previously generated servercert.pem and cacert.pem.

I used nessus-mkrand to generate the servercert.pem and cacert.pem.

I’ve tried many things to log in to my freshly installed nessus server, but every attempt with the nessus client returned a connection error like:

The remote host does not seem to be a Nessus server (or an SSL error occured)

I’ve tried a couple of things to deal with the connection problem; for instance, I tried not using the SSL certificate at all, but it didn’t help.
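Before giving up on the native client, the two things worth checking for the error above are whether the client is pointed at the port nessusd actually listens on (this post uses 1251, while the Nessus default is 1241) and whether a TLS handshake to that port completes at all, since the client error is raised before any Nessus protocol data is exchanged. The script below is an added example, not part of the original post and not Nessus code; it assumes nessusd.conf uses "key = value" lines named listen_address, listen_port and xmlrpc_listen_port (assumed names, matching the web UI on 8834 mentioned later), and that openssl(1) plus ss(8) or netstat(8) are installed.

```sh
#!/bin/sh
# Added diagnostic for "The remote host does not seem to be a Nessus server
# (or an SSL error occured)". Example code, not part of the original post
# or of Nessus. Assumptions: nessusd.conf uses "key = value" lines with
# listen_address / listen_port (legacy NessusClient port, default 1241) and
# xmlrpc_listen_port (web UI, default 8834); openssl(1) is installed and
# either ss(8) or netstat(8) is available.

# conf_get FILE KEY DEFAULT: print the last uncommented value of KEY in a
# nessusd.conf-style file, or DEFAULT when the key is not set.
conf_get() {
    _file=$1 _key=$2 _default=$3
    _val=$(sed -n "s/^[[:space:]]*${_key}[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*/\1/p" \
               "$_file" 2>/dev/null | tail -n 1)
    if [ -n "$_val" ]; then
        printf '%s\n' "$_val"
    else
        printf '%s\n' "$_default"
    fi
}

# port_listening PORT: succeed if some TCP socket is listening on PORT.
port_listening() {
    _port=$1
    if command -v ss >/dev/null 2>&1; then
        ss -ltn 2>/dev/null | grep -q "[:.]${_port}[[:space:]]"
    else
        netstat -ltn 2>/dev/null | grep -q "[:.]${_port}[[:space:]]"
    fi
}

# tls_handshake HOST PORT: succeed if openssl completes a TLS handshake.
# s_client exits 0 on a clean handshake followed by EOF on stdin, and
# non-zero when the handshake itself fails.
tls_handshake() {
    openssl s_client -connect "$1:$2" </dev/null >/dev/null 2>&1
}

# diagnose CONF [HOST]: compare what nessusd.conf says with what is reachable.
diagnose() {
    _conf=$1 _host=${2:-127.0.0.1}
    _client_port=$(conf_get "$_conf" listen_port 1241)
    _web_port=$(conf_get "$_conf" xmlrpc_listen_port 8834)
    _bind=$(conf_get "$_conf" listen_address 0.0.0.0)
    echo "nessusd.conf: client port ${_client_port}, web UI port ${_web_port}, listen_address ${_bind}"
    echo "NessusClient must be pointed at ${_host}:${_client_port}, not at the default 1241 if you changed it."
    for _p in "$_client_port" "$_web_port"; do
        if ! port_listening "$_p"; then
            echo "port ${_p}: nothing listening; is nessusd running, and bound to ${_bind}?"
            continue
        fi
        if tls_handshake "$_host" "$_p"; then
            echo "port ${_p}: TLS handshake OK"
        else
            echo "port ${_p}: TCP listener present but TLS handshake failed; check that the client's cacert.pem matches the CA that signed servercert.pem"
        fi
    done
}

# Run only when invoked with arguments, e.g.:
#   sh nessus-diag.sh /opt/nessus/etc/nessus/nessusd.conf 127.0.0.1
[ "$#" -eq 0 ] || diagnose "$@"
```

If the TCP listener is there but the handshake fails on the client port while it succeeds on 8834, the problem is the certificate or CA the client was given, not the server; if nothing listens on the configured port, the client is simply pointed at the wrong place.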

I also found some references on the Net describing the same shitty error being experienced by other people, so I finally decided not to use the nessus client application and to use the web interface instead.

I could successfully access the web interface of the nessusd server through https://127.0.0.1:8834/ in a browser (I personally prefer Opera).

It’s a bit shitty that the web interface of nessus uses Adobe Flash to render some of the page content; the Flash plugin sometimes crashed the Opera browser I used to access the nessus web interface on my Linux box.
Using nessus through a browser is really not that pleasant an experience because of these crashes, but it still works; the browser crashes caused by the Linux Flash player occur every few scans issued with nessus 🙂