Nessus 3.0 on Ubuntu 5.10 (Breezy)

   Print.Print
Email.Email weblog link
Blog this.Blog this
Justin Clarke

Justin Clarke
Jan. 04, 2006 08:12 AM
Permalink

Atom feed for this author. RSS 1.0 feed for this author. RSS 2.0 feed for this author.

I for one have no particular problems with the fact that Nessus has gone to a closed source model from version 3, with the exception that this means I can’t run Nessus on some of my platforms of choice (ie, Gentoo Linux). However, since a package is available for Debian 3.x, I wondered if it would work on Ubuntu. This didn’t prove too difficult - I expect because Ubuntu is based on Debian 3.x and also because the Nessus developers have historically bundled their own versions of libraries to prevent library dependency issues (that seems to be the usual reason for not being able to install Debian packages on Ubuntu for me).

The install itself is fairly self explanatory:

  1. Download the Debian package (Nessus-3.0.0-debian3_i386.deb) from http://www.nessus.org/download/. This will involve signing up to download the binary – the e-mail they send you will allow you to register the plugin feed, allowing access to all the new plugins Tenable write after a 7 day delay.
  2. Install the package using dpkg. This will install the package into the /opt/nessus/ directory:
    • sudo dpkg -i Nessus-3.0.0-debian3_i386.deb
  3. The install will perform several of the steps that you would have previously done manually – eg, it will add the nessus directory into the /etc/ld.so.conf file so that the libraries will load.
  4. Add in your admin user using the /opt/nessus/sbin/nessus-add-first-user script. This is a bit different from how it was previously done – you add the first user this way, and then add extra users using the more familiar /opt/nessus/sbin/nessus-adduser script.
  5. Break open your e-mail, and paste in the command line supplied to register your plugin feed.
  6. Start the nessus daemon:
    • /opt/nessus/sbin/nessusd –D

If you have a problem with the Nessus daemon not starting (or aborting when starting), try running /opt/nessus/sbin/nessusd -R and then restarting the dameon.

There are some other differences in the new version, it is well worth a peruse of the documentation. One of the major differences is that there is no longer a GUI client supplied with the package – this has been split into a separate NessusClient package that you will also need to download from http://www.nessus.org/download/, and compile and install yourself. The command line client, however, is supplied with the binary package.

Enjoy!

Justin Clarke is active in developing security tools for penetrating web applications, servers, and wireless networks and as a compulsive tinkerer he can't leave anything alone without at least trying to see how it works.