Friday, 06 July 2012

Learning Linux - Installing Nessus on Ubuntu Server 12.04


If you are already at home in the hacking or security world, you are probably familiar with this tool. Nessus is a favorite vulnerability assessment tool that most people like. This time I am trying to install it on the Ubuntu Server 12.04 platform.
OK, let's get started, let's do it.
1. First download the application from the link below, choosing the version that fits; this time I am using Nessus-5.0.1-ubuntu1110_i386.deb, which can be used on Ubuntu versions 11 and 12.
http://www.nessus.org/products/nessus/nessus-download-agreement
2. Once the application has finished downloading, we start the installation.
root@Mini-Server:~# ls
LyncSetupEval.exe                      Nessus-5.0.1-ubuntu1110_i386.deb
metasploit-latest-linux-installer.run  yersinia.log
root@Mini-Server:~# chmod 777 Nessus-5.0.1-ubuntu1110_i386.deb
root@Mini-Server:~# dpkg -i Nessus-5.0.1-ubuntu1110_i386.deb
Selecting previously unselected package nessus.
(Reading database ... 29772 files and directories currently installed.)
Unpacking nessus (from Nessus-5.0.1-ubuntu1110_i386.deb) ...
Setting up nessus (5.0.1) ...
nessusd (Nessus) 5.0.1 [build R23111] for Linux
(C) 1998 - 2012 Tenable Network Security, Inc.
Processing the Nessus plugins...
[##################################################]
All plugins loaded
 - You can start nessusd by typing /etc/init.d/nessusd start
 - Then go to https://Mini-Server.depkeu.go.id:8834/ to configure your scanner
Processing triggers for ureadahead ...
ureadahead will be reprofiled on next reboot
3. Restart the application and create a user to log in with.
root@Mini-Server:~# /etc/init.d/nessusd start
$Starting Nessus : .
root@Mini-Server:~# /opt/nessus/sbin/nessus-adduser
Login : root
Login password :
Login password (again) :
Do you want this user to be a Nessus 'admin' user ? (can upload plugins, etc...) (y/n) [n]: Y
User rules
----------
nessusd has a rules system which allows you to restrict the hosts
that root has the right to test. For instance, you may want
him to be able to scan his own host only.
Please see the nessus-adduser manual for the rules syntax
Enter the rules for this user, and enter a BLANK LINE once you are done :
(the user can have an empty rules set)
Login             : root
Password         : ***********
This user will have 'admin' privileges within the Nessus server
Rules             :
Is that ok ? (y/n) [y] Y
User added
root@Mini-Server:~#
4. Activate with the activation code (an activation code can be obtained here: http://www.nessus.org/register) and install the plugins.
root@Mini-Server:~# /opt/nessus/bin/nessus-fetch --register 9AB5-F30E-9104-0BCA-B162
Your Activation Code has been registered properly - thank you.
Now fetching the newest plugin set from plugins.nessus.org...
Your Nessus installation is now up-to-date.
If auto_update is set to 'yes' in nessusd.conf, Nessus will
update the plugins by itself.
5. After everything is done, restart the application again.
root@Mini-Server:~# /etc/init.d/nessusd restart
$Shutting down Nessus : .
$Starting Nessus : .
root@Mini-Server:~#
6. Nessus can now be used by accessing it directly with a browser, either via localhost or directly via the IP address. Good luck.
https://127.0.0.1:8834 or https://<IP Address>:8834
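
Step 6 makes the Nessus web interface reachable on port 8834 through localhost or the server's IP address. The following is an added example, not part of the original post: a shell function that reads `ss -ltn` output and reports whether that port is bound to loopback only, to a specific address, or to every interface, which tells you whether a firewall rule is needed in front of the scanner. The function name and the sample listener lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post).
# Classify how the Nessus web port is exposed, given `ss -ltn` lines on stdin.
# Prints one of: all-interfaces | specific:<addr,...> | loopback | not-listening
nessus_listener_exposure() {
    port="${1:-8834}"    # 8834 is the port shown in the install output
    awk -v port="$port" '
        $1 == "LISTEN" {
            laddr = $4                       # e.g. 0.0.0.0:8834, [::]:8834, *:8834
            n = split(laddr, parts, ":")
            if (parts[n] != port) next       # some other service
            addr = substr(laddr, 1, length(laddr) - length(port) - 1)
            gsub(/\[/, "", addr); gsub(/\]/, "", addr)
            if (addr == "0.0.0.0" || addr == "::" || addr == "*")
                wide = 1
            else if (addr ~ /^127\./ || addr == "::1")
                loop = 1
            else
                specific = specific (specific ? "," : "") addr
        }
        END {
            if (wide)                 print "all-interfaces"
            else if (specific != "")  print "specific:" specific
            else if (loop)            print "loopback"
            else                      print "not-listening"
        }'
}

# Constructed sample of `ss -ltn` output (not captured from a real host).
SAMPLE_SS='State   Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN  0      128    0.0.0.0:22         0.0.0.0:*
LISTEN  0      128    0.0.0.0:8834       0.0.0.0:*'

result=$(printf '%s\n' "$SAMPLE_SS" | nessus_listener_exposure)
echo "Nessus port 8834 exposure: $result"
if [ "$result" = "all-interfaces" ]; then
    echo "Reachable from any network the server is on; restrict 8834 to admin hosts."
fi
```

On the server itself, run `ss -ltn | nessus_listener_exposure` after step 5 to check the live listener.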