
Nessus

A colleague introduced "Nessus" to me as a tool for stress-testing network cards, but from what I can see it does not look like a NIC stress-testing tool at all; it looks much more like a network security scanner. Let's first look at how to use it. The official website has a few important links.
Documentation :

The first step is to download the Nessus software. The platforms it supports cover almost everything, as listed below.

  • Debian 5 (i386 and x86-64)
  • Fedora Core 10 (i386 and x86-64) [Compatible with Fedora 9]
  • Fedora Core 11 (i586 and x86-64)
  • Fedora Core 12 and 13 (i586 and x86-64)
  • FreeBSD 7 (i386 and x86-64)
  • Mac OS X 10.4, 10.5 and 10.6 (i386, x86-64, ppc)
  • Red Hat ES 4 / CentOS 4 (i386)
  • Red Hat ES 5 / CentOS 5 (i386 and x86-64)
  • Slackware 10.2 (i386)
  • Solaris 10
  • SuSE 9.3 (i386)
  • SuSE 10.0 (i386 and x86-64)
  • Ubuntu 8.04 (i386 and x86-64)
  • Ubuntu 8.10 and 9.04 (i386 and x86-64)
  • Ubuntu 9.10 and 10.04 (i386 and x86-64)
  • Windows XP, Server 2003, Server 2008, Vista and 7 (i386 and x86-64)

Nessus download point: http://www.nessus.org/download/ . The platform I am using is RHEL5; if most of the standard packages were selected when RHEL5 was installed, the RPM provided on the official website (Nessus-4.2.2-es5.x86_64.rpm) can simply be installed and used directly. The official Nessus website also states that the following packages are required for installation.

  1. OpenSSL (e.g., openssl, libssl, libcrypto)
  2. zlib
  3. GNU C Library (i.e., libc)
[root@benjr ~]# rpm -ivh /mnt/Nessus-4.2.2-es5.x86_64.rpm
Preparing... ########################################### [100%]
1:Nessus ########################################### [100%]
nessusd (Nessus) 4.2.2 [build K9129] for Linux
(C) 1998 - 2010 Tenable Network Security, Inc.
- Please run /opt/nessus//sbin/nessus-adduser to add a user
- Register your Nessus scanner at http://www.nessus.org/register/ to obtain
all the newest plugins
- You can start nessusd by typing /sbin/service nessusd start

Although the program is now installed, the following three steps are still needed before the installation is complete.

  1. Please run /opt/nessus//sbin/nessus-adduser to add a user
  2. Register your Nessus scanner at http://www.nessus.org/register/ to obtain all the newest plugins
  3. You can start nessusd by typing /sbin/service nessusd start

Please run /opt/nessus//sbin/nessus-adduser to add a user

Nessus is controlled mainly through a browser, so a user account has to be defined first; that user can then log in to Nessus through the browser to manage it.

[root@benjr ~]# /opt/nessus/sbin/nessus-adduser
Login : admin
Login password :
Login password (again) :
Do you want this user to be a Nessus 'admin' user ? (can upload plugins, etc...) (y/n) [n]: y
User rules
----------
nessusd has a rules system which allows you to restrict the hosts
that admin has the right to test. For instance, you may want
him to be able to scan his own host only.
Please see the nessus-adduser manual for the rules syntax

Enter the rules for this user, and enter a BLANK LINE once you are done :
(the user can have an empty rules set)

Login : admin
Password : ***********
This user will have 'admin' privileges within the Nessus server
Rules :
Is that ok ? (y/n) [y] y
User added

I am still quite unfamiliar with the concept of User rules.

Register your Nessus scanner at http://www.nessus.org/register/ to obtain all the newest plugins

A freshly installed Nessus cannot be used yet; a few more steps are needed to activate Nessus, after which the plugins can be obtained.

[root@benjr ~]# service nessusd start
Starting Nessus services:
Missing plugins. Attempting a plugin update...
Your installation is missing plugins. Please register and try again.
To register, please visit http://www.nessus.org/register/

Activation requires obtaining an activation code from the Nessus website, http://www.nessus.org/plugins/?view=register-info . For general use, choose "HomeFeed", which is free of charge.
Enter your e-mail address and that is all; the activation code from Nessus will then arrive in your mailbox.
With the activation code from Nessus in hand, go back to RHEL5 and Nessus can be activated with the nessus-fetch --register command. That requires a direct Internet connection to Nessus, but my machine is not connected to the Internet yet, so Nessus can instead be registered through a browser at https://plugins.nessus.org/offline.php

[root@benjr ~]# /opt/nessus/bin/nessus-fetch --register 07C6-A7E1-72CD-3C4B-B873
Could not resolve 'plugins.nessus.org'
Could not resolve 'plugins.nessus.org'
Could not open connection to plugins.nessus.org:443
Unknown error while communicating with the remote server
You have new mail in /var/spool/mail/root

Besides the activation code just obtained, you also need a challenge code, which comes from the nessus-fetch --challenge command.

[root@benjr ~]# /opt/nessus/bin/nessus-fetch –challenge
Challenge code: e144b0302fb533a7c61f5fd1110a383e656c7948

You can copy the challenge code above and paste it alongside your
activation code at:

https://plugins.nessus.org/offline.php

Finally, the latest Nessus plugins have been obtained; import this plugin bundle into the Nessus installation on RHEL5 and the job is done.
The Nessus plugin bundle is named all-<version>.tar.gz (all-2.0.tar.gz here); import it with nessus-update-plugins.

[root@benjr nessus]# /opt/nessus/sbin/nessus-update-plugins /root/all/all-2.0.tar.gz
Expanding /root/all/all-2.0.tar.gz...
Done. The Nessus server will restart when its scans are finished

You can start nessusd by typing /sbin/service nessusd start

Now restarting Nessus no longer produces the error message, and that basically completes the installation.

[root@benjr nessus]# service nessusd start
Starting Nessus services:
[root@benjr all]# chkconfig nessusd on

Go back to your browser at https://[Server IP Address]:8834/ and log in with the user and password created above; you can now start using Nessus.
This only covers installing Nessus. For how to use it, first see the Nessus 4.2 User Guide: http://www.nessus.org/documentation/nessus_4.2_user_guide.pdf
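The offline activation sequence above (challenge code, activation code pasted into offline.php, plugin bundle imported with nessus-update-plugins, nessusd started) is easy to get wrong by copy-and-paste: smart dashes replace the ASCII "-" in the activation code, or the "bundle" downloaded through a proxy is an HTML error page saved as .tar.gz, and nessus-update-plugins only fails later. The script below is an added example, written for this page and not part of the original post or of Tenable's tooling. It assumes the Nessus 4.2 paths used on the page (/opt/nessus/bin/nessus-fetch, /opt/nessus/sbin/nessus-update-plugins), RHEL5-style service/chkconfig and netstat, that the activation code has the five-group shape shown above, and that all-2.0.tar.gz is a gzip tarball of .nasl plugin scripts (an assumption about the bundle's layout). The script name nessus-offline.sh and its two subcommands are hypothetical.

```shell
#!/bin/sh
# nessus-offline.sh: checks around the offline Nessus activation steps.
# Added example; not from the original post or from Tenable. Paths below are
# the Nessus 4.2 / RHEL5 ones used on the page and can be overridden by env.
NESSUS_FETCH=${NESSUS_FETCH:-/opt/nessus/bin/nessus-fetch}
NESSUS_UPDATE=${NESSUS_UPDATE:-/opt/nessus/sbin/nessus-update-plugins}

# Activation codes on the page look like 07C6-A7E1-72CD-3C4B-B873: five groups
# of four characters joined by ASCII hyphens (assumed format). Pasting from a
# web page often turns "-" into an en-dash or adds trailing whitespace; reject
# that before the code goes into the offline.php form.
check_activation_code() {
    printf '%s' "$1" | grep -Eq '^[0-9A-Za-z]{4}(-[0-9A-Za-z]{4}){4}$'
}

# Pull the 40-hex-digit challenge out of `nessus-fetch --challenge` output read
# on stdin. Prints the code; returns 1 if there was none (for example when
# nessus-fetch printed an error instead).
parse_challenge_code() {
    code=$(sed -n 's/^Challenge code:[[:space:]]*\([0-9a-fA-F]\{40\}\)[[:space:]]*$/\1/p' | head -n 1)
    [ -n "$code" ] || return 1
    printf '%s\n' "$code"
}

# Make sure the downloaded bundle is a readable gzip tarball that contains NASL
# plugins before handing it to nessus-update-plugins.
verify_plugin_bundle() {
    bundle=$1
    if [ ! -s "$bundle" ]; then
        echo "plugin bundle missing or empty: $bundle" >&2
        return 1
    fi
    if ! tar -tzf "$bundle" >/dev/null 2>&1; then
        echo "not a readable gzip tarball: $bundle" >&2
        return 1
    fi
    if ! tar -tzf "$bundle" 2>/dev/null | grep -q '\.nasl$'; then
        echo "no .nasl plugins inside $bundle" >&2
        return 1
    fi
    return 0
}

# nessusd serves the web UI on TCP 8834; netstat ships with RHEL5, so use it
# rather than a bash-only /dev/tcp probe.
nessusd_listening() {
    netstat -ltn 2>/dev/null | grep -q '[:.]8834[[:space:]]'
}

# Usage (hypothetical subcommands):
#   sh nessus-offline.sh challenge <ACTIVATION-CODE>   # step 1, on the offline box
#   sh nessus-offline.sh import <all-2.0.tar.gz>       # step 2, after offline.php
case "${1-}" in
    challenge)
        check_activation_code "${2-}" || { echo "malformed activation code: ${2-}" >&2; exit 1; }
        echo "Paste this challenge together with ${2-} at https://plugins.nessus.org/offline.php:"
        "$NESSUS_FETCH" --challenge | parse_challenge_code || exit 1
        ;;
    import)
        verify_plugin_bundle "${2-}" || exit 1
        "$NESSUS_UPDATE" "$2"
        /sbin/service nessusd start
        /sbin/chkconfig nessusd on
        if nessusd_listening; then
            echo "nessusd is listening on 8834"
        else
            echo "nessusd did not come up on 8834; check the nessusd log" >&2
            exit 1
        fi
        ;;
esac
```

Run the challenge step first, copy the printed code into offline.php together with the activation code, then copy the resulting all-2.0.tar.gz to the box and run the import step; the three check functions can also be sourced and used on their own.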
