Installing Nessus 4 on Backtrack 4



This article explains how to install the latest version of Nessus (Nessus v4) on Backtrack 4.
First, download the Nessus and NessusClient packages for Ubuntu 8.10 from http://nessus.org/download/.

The packages to download are:

Nessus-4.0.2-ubuntu810_i386.deb
NessusClient-4.0.2-ubuntu810_i386.deb

After downloading, install the packages and set up the client application.

1. Install the Nessus Packages
root@bt:~# dpkg -i Nessus-4.0.2-ubuntu810_i386.deb
root@bt:~# dpkg -i NessusClient-4.0.2-ubuntu810_i386.deb

2. Configure Nessus Server
a. Make the certificates
Run this command in a console:

/opt/nessus/sbin/nessus-mkcert

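-------------------------------------------------------------------------------
Creation of the Nessus SSL Certificate
-------------------------------------------------------------------------------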

This script will now ask you the relevant information to create the SSL
certificate of Nessus. Note that this information will *NOT* be sent to
anybody (everything stays local), but anyone with the ability to connect to your
Nessus daemon will be able to retrieve this information.

CA certificate life time in days [1460]: [please fill]
Server certificate life time in days [365]: [please fill]
Your country (two letter code) [US]: [please fill]
Your state or province name [NY]: [please fill]
Your location (e.g. town) [New York]: [please fill]
Your organization [Nessus Users United]: [please fill]
This host name [bt]: [please fill]

Congratulations. Your server certificate was properly created.

The following files were created :

. Certification authority :

Certificate = /opt/nessus//com/nessus/CA/cacert.pem
Private key = /opt/nessus//var/nessus/CA/cakey.pem

. Nessus Server :
Certificate = /opt/nessus//com/nessus/CA/servercert.pem
Private key = /opt/nessus//var/nessus/CA/serverkey.pem

b. Register the scanner
To get a registration number, go to http://nessus.org/register
and the registration number will be sent to your email address.
The format of the registration number is XXXX-XXXX-XXXX-XXXX-XXXX

Before registering, set up your connection in the configuration file:
cd /opt/nessus/etc/nessus
vi nessusd.conf
and set the following entries:
proxy=[proxy name]
proxy_port=[proxy port]
proxy_username=[user name]
proxy_password=[password]

To register, run this command in a console:

/opt/nessus/bin/nessus-fetch --register XXXX-XXXX-XXXX-XXXX-XXXX

Your activation code has been registered properly - thank you.
Now fetching the newest plugin set from plugins.nessus.org...
Your Nessus installation is now up-to-date.
If auto_update is set to 'yes' in nessusd.conf, Nessus will
update the plugins by itself.

c. Create a Nessus User
/opt/nessus/sbin/nessus-adduser

Login : [login]
Login password : [password]
Login password (again) : [password]
Do you want this user to be a Nessus 'admin' user ? (can upload plugins, etc...) (y/n) [n]: y
User rules
----------
nessusd has a rules system which allows you to restrict the hosts
that nessus has the right to test. For instance, you may want
him to be able to scan his own host only.

Please see the nessus-adduser manual for the rules syntax

Enter the rules for this user, and enter a BLANK LINE once you are done :
(the user can have an empty rules set)
administrator

Login : [login]
Password : ***********
This user will have 'admin' privileges within the Nessus server
Rules :
administrator
Is that ok ? (y/n) [y] y
User added

d. Start Nessus Server
/etc/init.d/nessusd start

e. Stop Nessus Server
/etc/init.d/nessusd stop

f. Start Nessus Client
/opt/nessus/bin/NessusClient
or through the GUI menu:
Backtrack -> Internet -> NessusClient

g. Show status of Nessus Server
ps -ef | grep -i nessus
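
The private keys written by nessus-mkcert in step a and the proxy_password entered into nessusd.conf in step b are secrets stored on disk. The following is an added example, not part of the original article, that checks that none of these files is accessible to group or other; the function names and the optional root-directory argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: permission audit for the secrets this setup leaves on disk.
# File paths are the ones shown in the article; the function names and the
# optional root argument (for testing on a copy) are hypothetical.

# check_secret_file FILE
# Returns 0 if FILE exists and grants nothing to group/other,
# 1 if group or other have any access, 2 if FILE is missing.
check_secret_file() {
    f=$1
    if [ ! -f "$f" ]; then
        echo "MISSING $f"
        return 2
    fi
    # Characters 5-10 of the ls mode string are the group and other bits,
    # e.g. "-rw-r--r--" yields "r--r--" and "-rw-------" yields "------".
    go_bits=$(ls -ld "$f" | cut -c5-10)
    if [ "$go_bits" = "------" ]; then
        echo "OK      $f"
        return 0
    fi
    echo "EXPOSED $f (group/other bits: $go_bits), fix with: chmod 600 $f"
    return 1
}

# audit_nessus_secrets [ROOT]
# Checks the CA key, the server key and nessusd.conf under ROOT
# (default /opt/nessus). Returns 0 only if every file passes.
audit_nessus_secrets() {
    root=${1:-/opt/nessus}
    rc=0
    for rel in \
        var/nessus/CA/cakey.pem \
        var/nessus/CA/serverkey.pem \
        etc/nessus/nessusd.conf
    do
        check_secret_file "$root/$rel" || rc=1
    done
    return $rc
}

# Usage on the installed system (as root): audit_nessus_secrets
```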
