tutorial - Scan vulnerability by using Nessus

Nessus is an incredible commercial-grade vulnerability scanner also freely available under the Gnu Public License (GPL). Nessus can use Nmap to further probe networks for holes. Nessus can selectively scan for over 675 (and growing) known security problems. The resulting reports are organized by host, categorized by severity, and can be exported in a variety of formats, to include a very slick crosslinked HTML including pie charts. Links to fixes for known security problems are included.

Installation

  1. Get the required files from : http://rpm.pbone.net/
    # rpm -ihv nessus-core-2.2.3-3.i586.rpm
    # rpm -ihv nessus-libraries-2.2.3-3.i586.rpm

Initial Configuration

  1. Create a certificate
    # nessus-mkcert
    If you do not know how to answer, just press enter.
  2. Create a user
    # nessus-adduser
  3. Change the runlevel, and start
    # checkconfig nessusd on
    # /etc/init.d/nessusd start

Update plugins

  1. To use up-to-date plugins, you need to register at http://www.nessus.org/register/
  2. After registering your e-mail, you will receive a message with an id as XXXX-XXXX-XXXX-XXXX-XXXX. You can simple enter like,
    # nessus-fetch --register XXXX-XXXX-XXXX-XXXX-XXXX
    # nessus-update-plugins -v
  3. Update automatically by crontab
    # crontab -u root -e
    Add following line.
    45 7 * * * /usr/sbin/nessus-update-plugins

Scanning

  1. Start nessus
    # nessus &
  2. Login to nessus. Type login name and password.

  3. Go to "Plugins" tab and select plugins to perform scanning. For example, press "Enable all" button.

  4. Go to "Target" tab and enter targets. Type either a host name, a host IP address, or network as "192.168.0.0/24"

  5. Press "Start the scan" when you are ready. Wait a while
  6. You will see a report after a couple of moment. So take consideration of the result!


Free, facebook, tips, Links, blogging, Downloads, Google, facebookTips, money, news, apps, Social, Media, Website, Tricks, games, Android, software, PIctures, Internet, Security, Web, codes, Review, bloggers, SAMSUNG, Worldwide, Contest, Exitic, Phones, facebookTricks, hacking, London, Olympics, SEO, Youtube, iOS, Adsense, gadgets, iPHONE, widgets, Doodle, twitter, video, Deals, technology, Aircel, Airtel, iPAD, Angry, Birds, BSNL, TechLife, GMAIL, Idea, Microsoft, SmartPhones, Stress, Buster, Windows, Yahoo, Infolinks, Nokia, Scam, Uninor, browsers, Amazon, Euro, CUP, Chat, IDM, JOBS, Modem, Music, Reliance, Results, SSC, Tata, Docomo, bing, freebie, mobile, placements, AIEEE, AlertPay, Chrome, College, Competetive, Exam, Dehradun, Extension, FireFox, GPRS, HTC, IMPACT, Info, MTS, Mark, Zukerberg, Paypal, Promotional, Post, Torrent, UTU, Unlocking, VodaFone, Wall, Paper, apple, books, engineering, iCAR, iTunes, pinterest, rovio, AVG, Admit, Card, Adobe, Affiliate, Marketing, Akhilesh, Amul, Girl, BlackBerry, ChromeBook, Clixsense, Coupon, Digitallife, Discovery, Emoticons, Festival, GATE, GIMP, Income, Tax, International, JSS, JailBreaking, Kindle, Linux, Local, MAX, PAYNE, Mac, Mango, Memory, Speed, Nexus, Online, Shopping, Raakhi, Report, Rising, Stars, Sample, Science, Sony, Syllabus, TabletBooK, Teamviewer, Templates, Dark, Knight, Rises, USA, UPMT, Virgin, Xperia, ZTE, challan, counselling, course, btech, funny, iMOVE, registration

source:http://linuxpoison.blogspot.com/2007/10/135781758010226.html