BackTrack R5 での話。

Nessus インストール


# apt-get install nessus
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages were automatically installed and are no longer required:
 libdmraid1.0.0.rc16 python-pyicu libdebian-installer4 cryptsetup libecryptfs0
 reiserfsprogs rdate bogl-bterm ecryptfs-utils libdebconfclient0 dmraid
Use 'apt-get autoremove' to remove them.
The following NEW packages will be installed:
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 3,036kB of archives.
After this operation, 0B of additional disk space will be used.
Get:1 revolution/testing nessus  4.4.1-bt5 [3,036kB]
Fetched 3,036kB in 27s (110kB/s)
Selecting previously deselected package nessus.
(Reading database ... 269671 files and directories currently installed.)
Unpacking nessus (from .../nessus_4.4.1-bt5_all.deb) ...
Processing triggers for desktop-file-utils ...
Processing triggers for python-gmenu ...
Rebuilding /usr/share/applications/desktop.en_US.utf8.cache...
Processing triggers for ureadahead ...
Processing triggers for python-support ...
Setting up nessus (4.4.1-bt5) ...

- Please run /opt/nessus/sbin/nessus-adduser to add a user
- Register your Nessus scanner at to obtain
  all the newest plugins
- You can start nessusd by typing /etc/init.d/nessusd start



# service nessusd start
Starting Nessus : .
Missing plugins. Attempting a plugin update...
Your installation is missing plugins. Please register and try again.
To register, please visit




# /opt/nessus/sbin/nessus-adduser
Login : msf
Login password : msf
Login password (again) : msf
Do you want this user to be a Nessus 'admin' user ? (can upload plugins, etc...) (y/n) [n]: y
User rules
nessusd has a rules system which allows you to restrict the hosts
that msf has the right to test. For instance, you may want
him to be able to scan his own host only.

Please see the nessus-adduser manual for the rules syntax

Enter the rules for this user, and enter a BLANK LINE once you are done : 
(the user can have an empty rules set)

Login             : msf
Password         : ***********
This user will have 'admin' privileges within the Nessus server
Rules             :
Is that ok ? (y/n) [y] 
User added



/etc/init.d/nessusd start





/opt/nessus/bin/nessus-fetch --register x9x6-xxxx-xxxx-xxxx-8x9x

ただし、プロキシサーバ経由じゃないとだめな場合は、/opt/nessus/etc/nessus/nessus-fetch.rc に proxyサーバとポートを指定してから実施する。

# /opt/nessus/bin/nessus-fetch --register x9x6-xxxx-xxxx-xxxx-8x9x
Your activation code has been registered properly - thank you.
Now fetching the newest plugin set from
Your Nessus installation is now up-to-date.
If auto_update is set to 'yes' in nessusd.conf, Nessus will
update the plugins by itself.

auto_update は yes になっていたので、これでいいはず。

# /etc/init.d/nessusd start
Starting Nessus : .


https://localhost:8834/ にアクセスすると、以下の画面が表示される。ただし、その前に初期化処理があり20分くらい待った。



トップ   編集 凍結 差分 バックアップ 添付 複製 名前変更 リロード   新規 一覧 単語検索 最終更新   ヘルプ   最終更新のRSS