Security Lab : Installing Nessus

I created a Ubuntu Server to host a few security related tools for experimentation and learning. But after installing the firewall I was stuck. I had very difficult time trying to get the OpenVAS security scanner up and running on Ubuntu 10.04. After many failed attempts I discovered that Ubuntu 10.04 was not my best choice for a host. Ubuntu 10.04 is an older version of the distribution. Most of the security tools I want top use are deprecated on that version. I want to use the newer version of the security tools. So I installed OpenVAS and upgraded to Ubuntu 14.04.2 LTS via the do-release-upgrade command.

Security Lab : Installing Nessus Screenshot 2015 04 05 08.37.32

After upgrading to the latest release of the Ubuntu I re-installed OpenVAS. But … I ran into other issues. The OpenVAS client requires X Windows. I had intended running Ubuntu as a headless server so this was disappointing. I did not and do want to install an X client on the server. I have the XQuartz X Windows server software on the iMac so I tried using that to server the display. It didn’t work at all.

root@ubuntuserver: export DISPLAY:10.0.1.7:0.0
root@ubuntuserver:~# openvas-client localhost 88

(openvas-client:10152): Gtk-WARNING **: cannot open display: 10.0.1.7:0.0

Aargh! I’m not sure what I’m doing wrong. Perhaps I have ports blocked on my Mac. I spent a few another 30 minutes in a futile attempt to get this work before calling it quits on OpenVAS.

After thinking for a bit and doing some web searching I discovered that Tenable offers a Nessus Home edition of Nessus that I could install on my Ubuntu sever. The Nessus Home edition is for private non-commercial use. With Nessus® Home I can scan my personal home network with some limitation. Each scanner will be limited to 16 IP addresses. I have almost 20 devices on my network but at least 8 of those are iOS devices. I’m not sure of the utility of scanning those. Apple doesn’t provide any tools for blocking ports, so scanning them is moot.

I used Lynx to download the package to my server and I installed the package and started the daemon.

root@ubuntuserver:~# dpkg -i Nessus-6.3.4-ubuntu1110_amd64.deb
root@ubuntuserver:~# service nessusd start

Security Lab : Installing Nessus nessus invalid certificate

Before I could complete the setup I made sure to register for an activation code. Once I received my activation code, I opened Safari and entered the following URL: https://10.0.1.18:8834/. The Nessus server is pre-configured to use a self-signed SSL certificate.

Security Lab : Installing Nessus nessus install

Once I accepted the certificate I created a user account and registered my installation with Nessus. The registration is important if you want to receive updated scan signatures.

Security Lab : Installing Nessus initial account setup

Security Lab : Installing Nessus product registration

Once setup was complete I started a scan of my network using the default Host Discovery policy. This will allow me to find information about the hosts on my network. I already had a list of hosts so I did not scan the whole network. However, I think it might be useful to know if any unauthorized hosts connect to my network. I have a WPA2 wireless network with a very long randomly generated complex password so it’s not likely. Three of my devices are connected to my network via an Ethernet switch. I configured a discovery scan to run once a week and email me the results.

Security Lab : Installing Nessus discovery scan

I also scheduled a once monthly vulnerability scan.

I am happy to have a vulnerability scanner working. OpenVAS is the open source version of Nessus but I had some issues getting a working setup. If I can muster the patience I will revisit it. I am sure there is either a web front-end or terminal only client for OpenVAS. I just haven’t found it yet. The one downside to using Nessus Home is that my scans are limited to my non-routable addresses. I can scan my home network but if I want to scan my hosts at Digital Ocean I will have to pay Tenable.

NOTE:

Shortly after writing this, I discovered that there is in fact an OpenVAS command line utility. So … I will revisit using OpenVAS at a later time.

Liked this post? Follow this blog to get more. 

Got some feedback? Please leave a comment below.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Learn More)