Nessus is a scanner that tries to discover vulnerabilities on the scanned systems and warn about them.
It uses plugins, which are scripts that perform the individual vulnerability checks.
Plugins can be written in NASL, the Nessus Attack Scripting Language.
Once a scan is over, the results can be exported as a report, for example as an HTML file.
This is an example of working with Nessus on Solaris. Get the Solaris package from Nessus.org.
> pkgtrans Nessus-4.2.2-solaris-sparc.pkg .
> pkgadd -d . TNBLnessus
> setenv LD_LIBRARY_PATH /opt/nessus/lib:${LD_LIBRARY_PATH}
> /opt/nessus/sbin/nessus-adduser
Login : nessus
Login password :
Login password (again) :
Do you want this user to be a Nessus 'admin' user ? (can upload plugins, etc...) (y/n) [n]:

User rules
----------
nessusd has a rules system which allows you to restrict the hosts
that nessus has the right to test. For instance, you may want
him to be able to scan his own host only.

Please see the nessus-adduser manual for the rules syntax

Enter the rules for this user, and enter a BLANK LINE once you are done :
(the user can have an empty rules set)
                                     <-------------- press ENTER, no rules, so user can scan any IP range !!

Login    : nessus
Password : ***********
Rules    :

Is that ok ? (y/n) [y]
User added

> /opt/nessus/bin/nessus-fetch --register 1234-AAAA-BBBB-CCCC-0000
Your activation code has been registered properly - thank you.
Now fetching the newest plugin set from plugins.nessus.org...
Your Nessus installation is now up-to-date.
If auto_update is set to 'yes' in nessusd.conf, Nessus will update the plugins by itself.

> /etc/init.d/nessusd start
> pgrep -l nes
6505 nessusd
6504 nessus-service
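The session above creates the scanning user with an empty rules set, so that user may scan any IP range. As an added example (this is not code from the original post or from Nessus), the POSIX sh script below is a pre-flight check for the same Solaris procedure: it verifies the /opt/nessus tree the post installs into, refuses a rules file that is empty or malformed before it is pasted into nessus-adduser, and confirms from pgrep-style output that both daemons from the post are up. It assumes the nessus-adduser rule syntax of `accept`/`deny` followed by an address with an optional /prefix and a `default accept|deny` line; the paths and the rules file name are assumptions too.

```shell
#!/bin/sh
# Added example, not part of the original post. Pre-flight checks for the
# Nessus-on-Solaris steps described there. Assumptions: the /opt/nessus layout
# from the post and the nessus-adduser rule syntax
# ("accept"/"deny" <ip>[/<prefix>], "default accept|deny").

NESSUS_PREFIX="${NESSUS_PREFIX:-/opt/nessus}"

# Return 0 when the install tree holds the tools the post uses, 1 otherwise.
check_install() {
    prefix="$1"
    for f in sbin/nessus-adduser bin/nessus-fetch lib; do
        [ -e "$prefix/$f" ] || { echo "missing: $prefix/$f" >&2; return 1; }
    done
    return 0
}

# Return 0 when a rules file is well formed and contains at least one rule.
# An empty rules set (what the post's adduser run produced) is rejected, since
# it would let the user scan any IP range. Blank lines and '#' comments are
# ignored; leading/trailing whitespace on a rule is not tolerated.
validate_rules() {
    file="$1"
    rules=0
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            ''|'#'*) continue ;;
            'default accept'|'default deny') rules=$((rules + 1)) ;;
            *)
                # accept/deny, one space, dotted quad, optional /prefix
                printf '%s\n' "$line" \
                    | grep -Eq '^(accept|deny) [0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?$' \
                    || { echo "bad rule: $line" >&2; return 1; }
                rules=$((rules + 1)) ;;
        esac
    done < "$file"
    [ "$rules" -gt 0 ]
}

# Read "pid name" lines (the shape of `pgrep -l nes` in the post) on stdin and
# return 0 only when both nessusd and nessus-service are listed.
daemons_up() {
    awk '$2 == "nessusd" {d = 1} $2 == "nessus-service" {s = 1} END {exit !(d && s)}'
}

# Usage (operator run, not executed when the file is merely sourced or has no
# arguments):  sh nessus-preflight.sh /path/to/nessus-user.rules
if [ "$#" -gt 0 ]; then
    check_install "$NESSUS_PREFIX" \
        && validate_rules "$1" \
        && pgrep -l nes | daemons_up \
        && echo "pre-flight OK: paste the rules from $1 into nessus-adduser"
fi
```

Run it with the rules file you intend to give the user before starting nessus-adduser; a non-zero exit names the missing path or the offending rule on stderr. The checks are pure shell plus awk and grep so they run on the Solaris host without any of the Nessus binaries being on PATH.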