Article: Installing Nessus 2.0 on SuSE 9.0 Pro with KDE 3.1

by Lew Newlin


Installing Nessus 2.0 on SuSE 9.0 Pro with KDE 3.1

The following is a simple howto guide for installing the Nessus vulnerability scanner, server daemon, and client on SuSE Linux. The instructions do not include in depth explanations as it is assumed that you are familiar with features and benefits of Nessus and have a general working knowledge of Linux.



As with any software installation, your results may vary depending on the machine. The installation steps were conducted using the commercial version of SuSE 9.0 Professional steps were tested on a notebook, workstation, and server to insure accuracy. The one difference that may occur during your installation is that of the network card and/or Internet connection. At SiteRecon we do not use DHCP and each installation required manual setup of NIC and IP information. If you use DHCP, the network and Internet setup will differ from the instructions below.



The installation process should be conducted using the "root" account. It is strongly suggested that your install take place on a safe nonroutable network that does not have hostile traffic. Your system will be vulnerable and could easily become infected with a virus, worm, bomb, or hacked.



Install SuSE 9.0 Professional

Insert Disk 1 and boot system
Press F2 select screen resolution
Use up/down arrows to select "Installation"
Select Language
Select "New Installation"
(Screen may not appear depending on installation)
"Installation Settings" change anything needed then
YaST2 "Start installation"
(Screen may not appear depending on installation)
System Reboots...
Insert Disk 2 as requested, select
Click "Expert Options" button and change Encryption type to MD5
Enter root user password
"Network Configuration" change as needed
"Test Internet Connection"
"User Authentication Method"
"Add a New Local User" uncheck "Auto Login, enter data as desired
"Release Notes"
"Hardware Configuration"
"Installation Completed"
System boots to KDE interface
Login as root
"Welcome to SuSE Linux 9.0"
Click "Control Center" on task bar
Click "Desktop"
Click "Size & Orientation"
Select desired screen resolution, check "Apply settings on KDE startup"
Click "Accept Configuration"
Close "Size & Orientation" window




Network Card Setup (if needed)

Click "Control Center" on task bar
Click "YaST2 modules"
Click "Network Devices"
Click "Network card" and setup you NIC





SuSE Watcher

Click "SuSE Watcher" on task bar (round green or red icon on right)
Click
Click "Start online update"
"Welcome to YaST Online Update"

Take desired actions when prompted.
When completed, check "Remove Source Packages after Update", click




You now have a fully functioning and patched installation of SuSE and are ready to install the applications required for Nessus. It should be noted that by installing the programs below, you are also setting up an environment to compile GCC C programs. Additional information on GCC can be found at http://gcc.gnu.org/.



Nessus Application Requirements

Click "Control Center" on task bar
Click "YaST2 modules"
Click "Software"
Click "Install and Remove Software" and install the following programs:

Bison
Flex
Gcc
Gccc
GTK2
GTK2devel
GTKdevel
kdepim3timemanagement package
libnet
Make
OpenSSL
OpenSSLdevel
Perl
sharutils
xfree86
xfree86compatlibs
xfree86devel

Run YaST Online Update to patch all installed programs



Download Nessus

Click "Local Network"
Change location to "/"
Right click and Create New directory titled "nessusinstaller", close window
Using browser go to http://www.nessus.org/nessus_2_0.html
From "The easy and less dangerous way" section download "nessusinstaller.sh"
file saving to the "nessusinstaller" directory.



Compile Nessus

Click "Konsole" on task bar and change directories to "nessusinstaller"
Type "sh nessusinstaller.sh"
Accept defaults by pressing
(During the compiling process you may receive warning messages for
"nessus_popen", "insert_nasl_func", and "extra tokens". These are warning
messages and the compiling process should complete successfully.)
When compiling process is complete you will be prompted to press to quit.



Nessus Server Setup

Type "nessusmkcert" to make a server certificate

Accept default for "CA certificate life"
Accept default for "Server certificate life"
Enter your 2 letter country code
Enter your state or province code
Enter your location
Enter your organization name
Certificate process completed message

Type "nessusadduser" to create a user account

Enter login name
Accept default for authentication
Enter password
Press ctrlD to end user creation process
"Is that ok?" message

Type "nessusd D" to start the Nessus server service
(It may take several seconds for Nessus to finish initializing. The command
prompt will return once the Nessus daemon is started).



If you wish to have the Nessus Server daemon automatically started when the system is booted, edit the "etc/init.d/boot.local" file and append "nessusd D".



Nessus Setup

Type "nessus"
Enter login
Enter password
Click "Log in" button
"SSL Setup" window will appear, click
"Nessus" windows asking to accept this certificate, click
"Warning" message about plugins crashing remote systems will appear, click
Close "Konsole" window



KAlarm

Click "Start Applications" on task bar and select "Utilities", "Time", then "KAlarm"
In the KAlarm window click "Actions", then New
Check "Command" and enter "nessusupdateplugins" as the command line
Check "Any time" check box
Check "Recur" for Repetition, then select the "Recurrence" Tab
Enter "01:00" for "Recurr every" field
Select button, then
Close "Kalarm" window (Kalarm by default is automatically stated upon boot.)



Firewall

KDE provides builtin firewall protection. Vulnerability scanners such as Nessus do not normally function well with software firewalls in place. To remove the firewall:


Click "Control Center" on task bar
Click "YaST2 modules"
Click "Security and Users"
Click "Firewall"
Check "Stop Firewall and Remove from Boot Process"
"Firewall configuration deactivate firewall", click
"The firewall is now turned off"



General Information

Uninstall executable: /usr/local/sbin/uninstallnessus

Configuration file: /usr/local/etc/nessus/nessusd.conf

Certificate Authority: /usr/local/com/nessus/CA/cacert.pem

Certificate Authority Private: /usr/local/var/nessus/CA/cakey.pem

Nessus Server Certificate file: /usr/local/com/nessus/CA/servercert.pem

Nessus Server Private Key file: /usr/local/var/nessus/CA/serverkey.pem

Nessus uses port 1241 to communicate



You now have a fully functioning Nessus server daemon and client installed on SuSE using the KDE desktop environment. Kalarm is setup to automatically update Nessus plugins once per hour to insure you have the latest vulnerability tests. Nessus is now fully operational to help with your security needs.






About the Author


Lew Newlin is CTO of Information Solutions, Inc. that operates SiteRecon.com.
SiteRecon specializes in security, email monitoring, and web site monitoring
for Internet service providers and businesses.


Related Resources

Resources