Vulnerability scanning and analysis -Nessus-8.7.2 the latest version - Installation - Deployment - use

Others 2019-10-14 12:15:25 views: null

Vulnerability scanning and analysis -Nessus

2019/10/10 Chenxin

Brief introduction

Official website https://zh-cn.tenable.com/
product https://zh-cn.tenable.com/products/nessus

Nessus is a well-known information security services company tenable introduced a vulnerability scanner and analysis software, dubbed "the world's most popular vulnerability scanner, more than 75,000 organizations around the world use it." Although this scanner can be downloaded for free, but from Tenable update to all the latest threat information, the annual direct cost of subscription is $ 1,200, which is 100 per month dollar. Nessus can be used under Linux, FreeBSD, Solaris, Mac OS X and Windows. Nessus is currently divided into four versions: Nessus Essentials, Nessus Professional and so on. Essentials of which version is the free version.

Register to obtain the activation code (may skip this application installation process Nessus)

https://zh-cn.tenable.com/products/nessus/nessus-essentials
activation code can only be used once. next time you need to re-apply.

installation

Reference https://docs.tenable.com/nessus/Content/InstallNessusLinux.htm

1. Install Linux Kali
Kali Linux is the industry's leading Linux distribution in terms of penetration testing and white hat. By default, this release comes with a large intrusion and penetration tools and software, and in the world have been widely recognized, including nmap, Wireshark, John the Ripper, and Aircrack-ng. The latest version of Kali Linux 2019.3

1.1 Download installation image
https://www.kali.org/downloads/ select "Kali Linux 64-Bit", about 3GB.

1.2 Installation
If a virtual machine Fushion, then "create a custom virtual machine" mode select "Linux" -.> "Debian 8.x 64-bit".

1.3 modify IP, DNS, SSH, VIM is initialized
reference documents "Debian class system-related" instructions.

2. Install the Nessus
2.1 software download
https://www.tenable.com/downloads/nessus
Current version Nessus - 8.7.2
correspond kali (Debian8) system version Nessus-8.7.2-debian6_amd64.deb (Debian 6 , 7, 8, 9 / Kali Linux 1, 2017.3 AMD64)

2.2 activation code
the current message in the activation
Activating Your Nessus Essentials Subscription
Your Activation code for Nessus Essentials IS:
4510-AA12-EDD5-B217-500B

2.3 Installation

root@kali:~/下载# dpkg -i Nessus-8.7.2-debian6_amd64.deb 
正在选中未选择的软件包 nessus。
(正在读取数据库 ... 系统当前共安装有 352904 个文件和目录。)
准备解压 Nessus-8.7.2-debian6_amd64.deb  ...
正在解压 nessus (8.7.2) ...
正在设置 nessus (8.7.2) ...
Unpacking Nessus Scanner Core Components...

 - You can start Nessus Scanner by typing /etc/init.d/nessusd start
 - Then go to https://kali:8834/ to configure your scanner

正在处理用于 systemd (241-7) 的触发器 ...

B / S architecture Nessus uses to enter the page https://192.168.143.137:8834/ (kali machine's IP 137)
select the corresponding version of Nessus (Essentials). Enter the above activation code.
Create a user chanix password NESSUS123
then will automatically enter "downloading plugins ..." began to download and install the plug-in. (relatively long time).
If because of network problems can cause the installation to fail, and gives the command-line mode try "/ opt / nessus / sbin / nessuscli update" ( by link accelerate installation time is a failure).

Commitment

Description, each time you start that they will be initialized, it will take longer. May take tens of minutes.
Service nessusd Start
Service nessusd STOP

Access
https://192.168.143.137:8834/

Instructions

1. Scan
1) click interface Scan new new
2) a selection scanning template available, generally choose Scan advanced
. 3) enter the basic configuration, preferably wherein the name in English, Description writing may write, Folder selection My Scan, Target IP hosts to be scanned input, such as 192.168.2.100, in addition to this basic information can also be configured as required some additional information
4) into the configuration screen, FIG click the "start" icon to start scanning
5) click FIG. export, you can select the format you want to export the scan report, we generally choose pdf format
6) to open the report, view the results of scans and vulnerability scanning to describe

Advanced scanning method 2.NESSUS of
reference: https: //www.freebuf.com/column/144167.html

Guess you like

Origin www.cnblogs.com/chanix/p/11669996.html
Recommended
Ranking
ACCESS Group leads the trend of health, scarce raw materials and leading technology help brands ride the wind and waves in the big health industry
500 threads operate int objects at the same time [java multi-thread shared variable]
アート テンプレート レンダリングの基本構文
Vue sends asynchronous request
Ubuntu vs code next update
Description of classes and objects
780. Reaching the End: Number Theory Reasoning and Analysis Questions
OpenCV (image processing) - based on python-filter (how to use low-pass and high-pass filters)
FFmpeg learning (4) - Embed subtitles to the video
The calc( ) property in CSS3
Daily
More
2024-07-26(0)
2024-07-25(0)
2024-07-24(0)
2024-07-23(0)
2024-07-22(0)
2024-07-21(0)
2024-07-20(0)
2024-07-19(0)
2024-07-18(0)
2024-07-17(0)

Code World

© 2018 codetd.com