Installing Nessus 2.0 on SuSE 9.0 Pro with KDE 3.1

The following is a simple how-to guide for installing the Nessus vulnerability scanner, server daemon, and client on SuSE Linux. The instructions do not include in depth explanations as it is assumed that you are familiar with features and benefits of Nessus and have a general working knowledge of Linux.

As with any software installation, your results may vary depending on the machine. The installation steps were conducted using the commercial version of SuSE 9.0 Professional steps were tested on a notebook, workstation, and server to insure accuracy. The one difference that may occur during your installation is that of the network card and/or Internet connection. At SiteRecon we do not use DHCP and each installation required manual setup of NIC and IP information. If you use DHCP, the network and Internet setup will differ from the instructions below.

The installation process should be conducted using the "root" account. It is strongly suggested that your install take place on a safe non-routable network that does not have hostile traffic. Your system will be vulnerable and could easily become infected with a virus, worm, bomb, or hacked.

Install SuSE 9.0 Professional Insert Disk 1 and boot system Press F2 - select screen resolution Use up/down arrows to select "Installation" Select Language Select "New Installation" (Screen may not appear depending on installation) "Installation Settings" change anything needed then YaST2 "Start installation" (Screen may not appear depending on installation) System Reboots... Insert Disk 2 as requested, select Click "Expert Options" button and change Encryption type to MD5 Enter root user password "Network Configuration" - change as needed "Test Internet Connection" "User Authentication Method" "Add a New Local User" - uncheck "Auto Login, enter data as desired "Release Notes" "Hardware Configuration" "Installation Completed" System boots to KDE interface Login as root "Welcome to SuSE Linux 9.0" Click "Control Center" on task bar Click "Desktop" Click "Size & Orientation" Select desired screen resolution, check "Apply settings on KDE startup" Click "Accept Configuration" Close "Size & Orientation" window

Network Card Setup (if needed) Click "Control Center" on task bar Click "YaST2 modules" Click "Network Devices" Click "Network card" and setup you NIC

SuSE Watcher Click "SuSE Watcher" on task bar (round green or red icon on right) Click Click "Start online update" "Welcome to YaST Online Update" Take desired actions when prompted. When completed, check "Remove Source Packages after Update", click

You now have a fully functioning and patched installation of SuSE and are ready to install the applications required for Nessus. It should be noted that by installing the programs below, you are also setting up an environment to compile GCC C programs. Additional information on GCC can be found at http://gcc.gnu.org/.

Nessus Application Requirements Click "Control Center" on task bar Click "YaST2 modules" Click "Software" Click "Install and Remove Software" and install the following programs: Bison Flex Gcc Gcc-c++ GTK2 GTK2-devel GTK-devel kdepim3-time-management package libnet Make OpenSSL OpenSSL-devel Perl sharutils xfree86 xfree86-compat-libs xfree86-devel Run YaST Online Update to patch all installed programs

Download Nessus Click "Local Network" Change location to "/" Right click and Create New directory titled "nessus-installer", close window Using browser go to http://www.nessus.or g/nessus_2_0.html From "The easy and less dangerous way" section download "nessus-installer.sh" file saving to the "nessus-installer" directory.

Compile Nessus Click "Konsole" on task bar and change directories to "nessus-installer" Type "sh nessus-installer.sh" Accept defaults by pressing (During the compiling process you may receive warning messages for "nessus_popen", "insert_nasl_func", and "extra tokens". These are warning messages and the compiling process should complete successfully.) When compiling process is complete you will be prompted to press to quit.

Nessus Server Setup Type "nessus-mkcert" to make a server certificate Accept default for "CA certificate life" Accept default for "Server certificate life" Enter your 2 letter country code Enter your state or province code Enter your location Enter your organization name Certificate process completed message Type "nessus-adduser" to create a user account Enter login name Accept default for authentication Enter password Press ctrl-D to end user creation process "Is that ok?" message Type "nessusd -D" to start the Nessus server service (It may take several seconds for Nessus to finish initializing. The command prompt will return once the Nessus daemon is started).

If you wish to have the Nessus Server daemon automatically started when the system is booted, edit the "etc/init.d/boot.local" file and append "nessusd -D".

Nessus Setup Type "nessus" Enter login Enter password Click "Log in" button "SSL Setup" window will appear, click "Nessus" windows asking to accept this certificate, click "Warning" message about plugins crashing remote systems will appear, click Close "Konsole" window

KAlarm Click "Start Applications" on task bar and select "Utilities", "Time", then "KAlarm" In the KAlarm window click "Actions", then New Check "Command" and enter "nessus-update-plugins" as the command line Check "Any time" check box Check "Recur" for Repetition, then select the "Recurrence" Tab Enter "01:00" for "Recurr every" field Select button, then Close "Kalarm" window (Kalarm by default is automatically stated upon boot.)

Firewall

KDE provides built-in firewall protection. Vulnerability scanners such as Nessus do not normally function well with software firewalls in place. To remove the firewall:

Click "Control Center" on task bar Click "YaST2 modules" Click "Security and Users" Click "Firewall" Check "Stop Firewall and Remove from Boot Process" "Firewall configuration - deactivate firewall", click "The firewall is now turned off"

General Information

Uninstall executable: /usr/local/sbin/uninstall-nessus

Configuration file: /usr/local/etc/nessus/nessusd.conf

Certificate Authority: /usr/local/com/nessus/CA/cacert.pem

Certificate Authority - Private: /usr/local/var/nessus/CA/cakey.pem

Nessus Server Certificate file: /usr/local/com/nessus/CA/servercert.pem

Nessus Server - Private Key file: /usr/local/var/nessus/CA/serverkey.pem

Nessus uses port 1241 to communicate

You now have a fully functioning Nessus server daemon and client installed on SuSE using the KDE desktop environment. Kalarm is setup to automatically update Nessus plugins once per hour to insure you have the latest vulnerability tests. Nessus is now fully operational to help with your security needs.