Nessus supports almost all the popular operating systems. Depending on the availability of the operating system, the required installation steps given in this section can be followed to install Nessus. The latest information/steps can also be fetched from Nessus's official website. At the time of writing this book, Nessus supports the following operating system platforms:
The latest details about the preceding list can be obtained from Tenable Nessus's official website at http://www.tenable.com/.
The scanning machine should have 4 GB of memory (preferably). However, refer to Nessus's official website http://www.tenable.com/ for the latest requirements.
A better processor will support facilitating a fast scan. The scanning machine should be selected by keeping the scope of the Nessus scan in view; if you plan to do a vulnerability assessment for a big enterprise, it is recommended that a high-end server machine be used.
No firewall should block the traffic generated by Nessus to reach scanning target systems. If a firewall is in place, a firewall rule should be configured to allow all the traffic generated by the Nessus machine to reach scanning targets. Please don't forget to deactivate this firewall rule once the scan activity is completed.
If you reach out to scanning machines using a web proxy, proxy authentication credentials should be keyed in Nessus. This is an optional setting depending on your scanning environment.
You should have administrative rights on the machine to install Nessus, and the Nessus plugin feed activation code is required to update plugins.
For the latest Nessus package, either to buy or to evaluate, you should browse through to Tenable Nessus's official website at http://www.tenable.com/:
The Nessus software package should be downloaded according to the operating system you want to install Nessus for. The steps given on Nessus's website should be followed for downloading the Nessus package.
It is important to note that Nessus should be downloaded as per the scanning machine operating system from which you plan to scan other systems, not by the operating systems which you are going to scan. For example, if you need to scan 10 Linux machines, one Solaris machine, and five Windows machines from a Windows 2008 server machine, download the Nessus package for the Windows 2008 operating system. Depending on the bit count of the operation system, you may choose a 32-bit/64-bit package.
Post successful Nessus installation, it takes you to basic configurations such as default settings, user creations, and activation code.
The following screenshot shows the web view of the Nessus installed. Nessus runs on port 8834 by default:
Nessus warns about the SSL certificate. It doesn't come with an SSL certificate by default. Nessus administrators have to get an SSL certificate to configure Nessus with SSL.
If you want to install an SSL certificate now itself, install it; otherwise, click on Proceed anyway. This will take you to the kind of introduction page to begin with.
Click on Get Started to proceed further.
The first thing you need to do after this is the administrative account setup. This account is created on the Nessus server. This account should always be remembered for Nessus administration.
After the administrative account creation, Nessus will prompt for plugin feed registration and proxy settings, which is optional.
Plugin feed registration has to be done as per your anticipated use. After registration, you get an activation code that you need to use for plugin subscription.
For the latest Nessus package, either for buying or evaluation purposes, you should visit Tenable Nessus's official website at http://www.tenable.com/:
You will see the Installing packages window shown in the following screenshot:
The preceding screenshot shows that Nessus is installed successfully on the Red Hat Linux environment. To begin with this, the Nessus service should be started.
# /sbin/service nessusd start
The following screenshot shows the Nessus service starting up with the status OK:
https://localhost.localdomain:8834/
into the Linux box web browser.This page displays the secure connection error, which can be rectified by adding an exception to the web browser.
To configure further, the same steps as outlined for the Windows installation can be followed for registration, activation, updating plugins, user management, and so on.
3.148.144.228