Ubuntu 16.04安裝使用Nessus漏洞掃描工具
Nessus是目前全世界最多人使用的遠程系統漏洞掃描與分析軟件。它在計算機上執行1200多中檢查,試圖檢測出系統漏洞。
引用官方的介紹:
Nessus is the most trusted vulnerability scanning platform for auditors and security analysts. Users can schedule scans across multiple scanners, use wizards to easily and quickly create policies, schedule scans and send results via email. Nessus supports more technologies than any other vendor, including operating systems, network devices, hypervisors, databases, tablets/phones, web servers and critical infrastructure.
Nessus有免費版,也有收費版:(下載頁面)
Nessus
我安裝使用Home版,首先注冊一個激活碼:
Nessus
下載Nessus,選擇對應的系統:
Screen Shot 2016-04-21 at 09.02.24
我使用Ubuntu,下載對應的deb包,然后執行安裝命令:
$ sudo dpkg -i Nessus-6.6.1-ubuntu1110_amd64.deb
1
$ sudo dpkg -i Nessus-6.6.1-ubuntu1110_amd64.deb
Nessus
Nessus安裝到了/opt目錄中。
啟動Nessus服務:
$ sudo systemctl enable nessusd.service
$ sudo systemctl start nessusd.service
1
2
$ sudo systemctl enable nessusd.service
$ sudo systemctl start nessusd.service
Nessus使用8834端口;配置防火牆:
$ sudo ufw allow 8834/tcp
1
$ sudo ufw allow 8834/tcp
打開瀏覽器訪問Nessus:
https://your_server_domain_or_ip:8834/
1
https://your_server_domain_or_ip:8834/
安裝Nessus
點擊Continue開始設置賬戶、注冊、下載最新的插件。
安裝Nessus
安裝Nessus
安裝Nessus
設置完成之后登錄Nessus管理頁面:
Nessus
Nessus
從模版中添加新的Scan:
Nessus