分類: Nessus

1. 選擇 New Scan

2. 選擇要套用的 Templates

[@more@]3. 輸入資料 Target 可以輸入
   

4. MyScan 中會出現設定的任務

5. 勾選任務，然後選 More / Launch

6. 選擇 Launch

7. 進行中

8. 掃描結果

參考網站：
How to Install and Use Nessus Vulnerability Scanner | LinuxPitStop

到 Nessus 官方下載網站：
http://www.tenable.com/products/nessus/select-your-operating-system
1. 選擇要安裝的系統

2. 選擇作業系統版本來下載

[@more@]3. 軟體授權

4. 將下載下來的檔案到 Server，並進行安裝
# rpm -ivh Nessus-6.10.2-es7.x86_64.rpm
nessusd (Nessus) 6.10.2 [build M20085] for Linux
Copyright (C) 1998 – 2016 Tenable Network Security, Inc

Processing the Nessus plugins…
[##################################################]

All plugins loaded (1sec)
 – You can start Nessus by typing /bin/systemctl start nessusd.service
 – Then go to https://test:8834/ to configure your scanner

# systemctl start nessusd.service
# systemctl status nessusd.service
● nessusd.service – The Nessus Vulnerability Scanner
   Loaded: loaded (/usr/lib/systemd/system/nessusd.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2017-03-06 10:42:24 CST; 14s ago
 Main PID: 462 (nessus-service)
   CGroup: /system.slice/nessusd.service
           tq462 /opt/nessus/sbin/nessus-service -q
           mq463 nessusd -q

Mar 06 10:42:24 test systemd[1]: Started The Nessus Vulnerability Scanner.
Mar 06 10:42:24 test systemd[1]: Starting The Nessus Vulnerability Scanner…

# netstat -antulp | grep nessusd
tcp        0      0 0.0.0.0:8834            0.0.0.0:*               LISTEN      463/nessusd
tcp6       0      0 :::8834                 :::*                    LISTEN      463/nessusd

5. 申請  activation code，只能用一次

6. 選擇 Nessus Home Free，並註冊

7. 輸入註冊資料

8. 電子郵件會收到 activation code

9. 防火牆設定
# firewall-cmd –zone=public –add-port=8834/tcp –permanent
# firewall-cmd –reload
或
# iptables -A INPUT -p tcp –syn -m state –state NEW –dport 8834 -j ACCEPT

10. 開啟瀏覽器，這裡以 Opera 為例，輸入 https://Server’IP:8834

11. 進行設定

輸入管理者要設定的帳號及密碼

輸入 Activation Code

12. 經過漫長的等待，終於來到登入畫面

登入後畫面

手動更新
# /opt/nessus/sbin/nessuscli update

—– Fetching the newest updates from nessus.org —–

Nessus Plugins: Complete

Nessus Core Components: Downloading (0%)
Nessus Core Components: Complete

 * Nessus Plugins are now up-to-date and the changes will be automatically processed by Nessus.
 * Nessus Core Components are now up-to-date and the changes will be automatically processed by Nessus.
[warn] An attempt was made to close an invalid database object.