Monday, June 21, 2010

Install Nessus

Now that our changes are saved from boot to boot, we can install things and they won't disappear on us :)

Download the Ubuntu Nessus package from nessus.org. The 32-bit 8.10 version worked fine for me. We used to have to install a separate client package, but no longer. The client is now web-based and included in the Nessus package.

Again, with Backtrack 4 things are a little easier. To install the Nessus server, simply execute the following command.

dpkg --install Nessus-4.2.0-ubuntu810_i386.deb

Finally, it's time to configure Nessus. Another step that is no longer necessary is the creation of certificates for authentication, so all we really need to do is add our user.

# add user
/opt/nessus/sbin/nessus-adduser

Login :Me
Authentication (pass/cert) : [pass]
Login password :
Login password (again) :
Do you want this user to be a Nessus 'admin' user ? (can upload plugins, etc...) (y/n) [n]:y
User rules
----------
nessusd has a rules system which allows you to restrict the hosts
that Me has the right to test. For instance, you may want
him to be able to scan his own host only.

Please see the nessus-adduser manual for the rules syntax

Enter the rules for this user, and enter a BLANK LINE once you are done :
(the user can have an empty rules set)

Login : Me
Password : ***********
This user will have 'admin' privileges within the Nessus server
Rules :
Is that ok ? (y/n) [y]y
User added

We want to disable Nessus starting at boot. We are going to do some things a little later that require that Nessus not be running at boot.

/usr/sbin/update-rc.d -f nessusd remove

This command does not remove the Nessus start scripts. It only removes the links that cause Nessus to start at boot time.

The next thing we need to do is register our installation so we can get the plugin feed. You need to go here and request a key. That is a link to the free feed for home use. Use appropriately.

Once you have your key, execute the following to update your plugins. Please note that there are two dashes before register in the nessus-fetch line below. They can display as one sometimes.

/opt/nessus/bin/nessus-fetch --register [your feed code here]

When that is done, and it is going to take a few minutes, you are ready to start the server and client. Be aware that with version 4.x, while the command to start returns quickly, the actual starting of the service may take a minute or two. In many cases, I have had to reboot after the initial install before Nessus started working. You can use 'netstat -napt' to check that the server is listening on port 8834. Yup, this is different too. We used to look for port 1241.

/etc/init.d/nessusd start

Woohoo, time to find those vulnerabilities.
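The two checks described above (no start links left after update-rc.d, and a listener on port 8834 once the slow 4.x start finishes), as an added shell example that is not part of the original post. The function names, the 180-second timeout and the 5-second poll interval are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Function names, the 180 s
# timeout and the 5 s poll interval are assumptions.

NESSUS_PORT=8834   # Nessus 4.x web interface; older versions used 1241

# Reads `netstat -napt` output on stdin. Succeeds only if a TCP socket is in
# LISTEN state on the given local port (field 4 = local address, 6 = state).
port_listening() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" && $4 ~ (":" port "$") { found = 1 }
        END { exit !found }'
}

# Polls until nessusd is listening or the timeout (seconds) runs out,
# because the init script returns before the service is actually up.
wait_for_nessusd() {
    timeout=${1:-180}
    waited=0
    while [ "$waited" -lt "$timeout" ]; do
        if netstat -napt 2>/dev/null | port_listening "$NESSUS_PORT"; then
            return 0
        fi
        sleep 5
        waited=$((waited + 5))
    done
    return 1
}

# Prints any SysV start links for nessusd that remain under <root>/rc?.d.
# No output means update-rc.d removed them and nessusd will not start at boot.
boot_links() {
    root=${1:-/etc}
    for link in "$root"/rc[0-9S].d/S[0-9]*nessusd; do
        [ -e "$link" ] || [ -L "$link" ] || continue
        echo "$link"
    done
}
```

Source the file, run boot_links after the update-rc.d step, and run wait_for_nessusd right after /etc/init.d/nessusd start; a non-zero return means nothing was listening on 8834 within the timeout.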

Configure Encryption

Before we configure encryption, we need to go ahead and update the system. We used to be able to wait to do this, but the amount of packages is now enough that we run out of space if we wait until after creating the Truecrypt volume.

First execute the following:

apt-get update

This updates the software repository information. Next, execute this command:

apt-get upgrade

The system will determine if there is anything that needs to be updated and then prompt you to continue. Individual packages can be updated by including the package name after upgrade.

Finally, execute the following to clean up the downloaded packages and make room for the Truecrypt volume.

apt-get clean

Now to configure encryption. Since we are using this tool to poke at people's networks and systems, with permission of course, it is very important that the information we find be protected. To do this, we are going to set up an encrypted volume that will eventually become our home directory.

This can be done with the gui or via command line. We will be using the gui because we need to be able to format the volume with ext3 and, as yet, I have not been able to figure out how to do that via the command line on linux.

You will get a message that the volume was successfully created. Click on the 'OK' button, then exit the Truecrypt gui, both the 'Create Volume' window and the main window. We want to be back at the command prompt at this point.

If you want to test your filesystem, execute the following. Note that the -k '' is two single quotes, not a double quote:

truecrypt -t -k '' --protect-hidden=no /my_secret_stuff /media/truecrypt1
mount
cd /media/truecrypt1
df .


Now it is time to tweak a few things
