linux.gotfoo.org

Nessus is a Vulnerability Scanner which is installed on the nUbuntu Linux LiveCD. My first few tries at launching Nessus failed due to either invalid login credentials or I didn't have nessusd running. So I put together this is a guide to starting (launching) the Nessus Server and logging in to the Nessus Client on nUbuntu and nothing more.

To get started you need to first add a user to the Nessus server via the nessuss-adduser command.

After you type in the username the natural next step is to type the password so pay attention. The Authentication (pass/cert) [pass] prompt is looking for either pass or cert. After that you'll type in a new password twice.

Once you've got a user added you need set up some User Rules which can limit what hosts a user can scan. For more detaild info see the man page:

After you add some User Rules hit crtl-D and it will prompt you to confirm these changes.

Now you are ready to start the the nessusd (server/deamon) by launching it from a terminial as root.

Right Click on the Desktop -> Terminal

It will then go through the process of loading any plugins.

Once this process is complete it's time to launch the Nessus Client Right Clicking on the Desktop -> Security Tool-> Scanners-> Vulnerability Scanners -> Nessus

In the box for the Login Info enter the username/password you just created and then click Log in. A warning message will pop up saying that some of the plugins could potentially crash a remote host. SO BE CAREFUL!

Well at this point you should have Nessus set up and running and now you are ready to start testing computers on your network that you own. But before you go hog wild you should pop over to the Nessus Documentation for detailed info on using Nessus.

Remember kids port scanning is like checking the doors and windows of houses as you walk by them.