you can get nessus from nessus.org. it installs on windows and linux and osx.
once you install it you need to activate it; there are two options for this
1) professional feed
2) home feedthe professional feed will give you access to lots of nice plugins, the home feed will give you lots of plugins, but not quite as many as the pro feed does. you need to pick one.
once you register nessus will send you an email with an activation code in it and instructions on how to activate your feed. once activated nessus will take a while to load on first run. this is normal.
When you have nessus up and running you will want to scan something. this is a nessus tutorial after all, so ill begin:
there are lots and lots of plugins and lots and lots of settings to choose from, but ill give you a basic set to get you started.
-point your browser at
[You must be registered and logged in to see this link.]-login
-goto policies
-click ‘add’
-give your policy a name, like ‘basic scan’
-make it ‘shared’
-give it a description
-enable ‘save knowledge base’
-enable ‘safe checks’
-enable silent dependencies’
-enable ‘log scan details to server’
-enable ‘stop host scan on disconnect’
-enable ‘avoid sequential scans’
-enable ‘Reduce parallel connections on congestion’
-enable ‘use kernel congestion detection’ if you run linux
-enable ‘syn scan’
-enable ‘snmp scan’
-enable ‘netstat scan’
-enable ‘netstat wmi scan’
-enable ‘ping host’
by default nessus loads all plugins. so the next thing you want to do is
-click on ‘plugins on the left
-go to the bottom and click ‘uncheck all’
-enable ‘cgi abuses’
-enable ‘cgi abuses: XSS’
-enable ‘gain a shell remotely’
-enable ‘Service detection’
-enable ‘Settings’
-enable ‘Web Servers’
you can enable ‘X local security checks’ where X is the OS of your server, eg CentOs local security checks or Slackware local security checks.
the next step is to click ‘Preferences’ on the right.
-from the drop down select ‘Do not scan fragile devices’
make sure both are unchecked.
-from the dropdown select ‘Global variable settings’
-enable ‘enable CGI scanning’
-enable ‘Enable Experimental scripts’
-enable ‘Thorough tests (slow)’
-make ‘report verbosity’ be ‘verbose’
-from the drop down select ‘Web Application Tests Settings’
-enable ‘Enable web application tests’
-enable ‘send POST requests’
-enable ‘HTTP parameter pollution’
-hit ‘submit’ to save all the settings.
im not going to explain what these are, there is lots of information available, and if you do know what they are then good =)
once you have a policy in place you can initiate a scan:
-go to the scans tab
-hit ‘add’
-give it a name
-select th type ‘run now’
-select your previously created policy
-type in a target hostname
-click ‘launch scan’
wait for the scan to complete and then go to the reports tab to view the report
enjoy
Mon Sep 19, 2011 4:00 pm