Nessus 5.0 Installation and Configuration Guide - Tenable Network

More documents

Recommendations

Info

C:\Windows\system32>net stop "Tenable Nessus" The Tenable Nessus service is stopping. The Tenable Nessus service was stopped successfully. C:\Windows\system32>net start "Tenable Nessus" The Tenable Nessus service is starting. The Tenable Nessus service was started successfully. C:\Windows\system32> WORKING WITH SECURITYCENTER SECURITYCENTER OVERVIEW Tenable’s SecurityCenter is a web-based management console that unifies the process of vulnerability detection and management, event and log management, compliance monitoring, and reporting on all of the above. SecurityCenter enables efficient communication of security events to IT, management, and audit teams. SecurityCenter supports the use of multiple Nessus scanners in concert for the scanning of virtually any size network on a periodic basis. Using the Nessus API (a custom implementation of the XML-RPC protocol), SecurityCenter communicates with associated Nessus scanners to send scanning instructions and receive results. SecurityCenter enables multiple users and administrators with different security levels to share vulnerability information, prioritize vulnerabilities, show which network assets have critical security issues, make recommendations to system administrators for fixing these security issues and to track when the vulnerabilities are mitigated. SecurityCenter also receives data from many leading intrusion detection systems such as Snort and ISS via the Log Correlation Engine. SecurityCenter can also receive passive vulnerability information from Tenable’s Passive Vulnerability Scanner such that end users can discover new hosts, applications, vulnerabilities, and intrusions without the need for active scanning with Nessus. CONFIGURING SECURITYCENTER 4.0-4.2 TO WORK WITH NESSUS A “Nessus Server” can be added through the SecurityCenter administration interface. Using this interface, SecurityCenter can be configured to access and control virtually any Nessus scanner. Click the “Resources” tab and then click “Nessus Scanners”. Click “Add” to open the “Add Scanner” dialog. The Nessus scanner’s IP address, Nessus port (default: 1241), administrative login ID, authentication type, and password (created while configuring Nessus) are required. The password fields are not available if “SSL Certificate” authentication is selected. In addition, Zones that the Nessus scanner will be assigned to are selectable. An example screen capture of SecurityCenter’s “Add Scanner” page is shown below: Copyright © 2002-2012 Tenable Network Security, Inc. 62
After successfully adding the scanner, the following page is displayed after the scanner is selected: For more information please refer to the “SecurityCenter Administration Guide”. CONFIGURING SECURITYCENTER 4.4 TO WORK WITH NESSUS The SecurityCenter administration interface is used to configure access and control of any Nessus scanner that is version 4.2.x or higher. Click the “Resources” tab and then click “Nessus Scanners”. Click “Add” to open the “Add Scanner” dialog. The Nessus scanner’s IP address or hostname, Nessus port (default: 8834), authentication type (created while configuring Nessus), and administrative login ID and password or certificate information are required. The password fields are not available if “SSL Certificate” authentication is selected. The ability to Verify Hostname is provided to check the CommonName (CN) of the SSL certificate presented by the Nessus server. The state of the Nessus scanner may be set to Enabled or Disabled as needed, with a default of Enabled. Zones the Nessus scanner may be assigned to can be selected. An example screen capture of the SecurityCenter 4.4 “Add Scanner” page is shown below: Copyright © 2002-2012 Tenable Network Security, Inc. 63
Page 1 and 2:
Nessus 5.0 Installation and Configu
Page 3 and 4:
Installation Questions ............
Page 5 and 6:
Key Feature Updates The following a
Page 7 and 8:
Smart Service Recognition - Nessus
Page 9 and 10:
VULNERABILITY PLUGIN SUBSCRIPTIONS
Page 11 and 12: Fedora Core 16 (32 and 64 bit) Fetc
Page 13 and 14: Sample Output # dpkg -i Nessus-5.0.
Page 15 and 16: Fedora Core 16 (32 and 64 bit) All
Page 17 and 18: configuration options for your envi
Page 19 and 20: FreeBSD: # rm -rf /usr/local/nessus
Page 21 and 22: Sample Output Mac OS X # pkg_info |
Page 23 and 24: installation package by comparing t
Page 25 and 26: You will be prompted to confirm the
Page 27 and 28: STARTING AND STOPPING THE NESSUS DA
Page 29 and 30: Click “Continue”, and the softw
Page 31 and 32: At this point, Nessus will continue
Page 33 and 34: warning, a custom certificate to yo
Page 35 and 36: The first step is to create an acco
Page 37 and 38: Once the Activation Code and option
Page 39 and 40: Using the administrative credential
Page 41 and 42: Each option can be configured by ed
Page 43 and 44: Input the username and password, ve
Page 45 and 46: As a number of other factors that a
Page 47 and 48: scans to take longer and typically
Page 49 and 50: To avoid browser warnings, a custom
Page 51 and 52: Copy the organization’s CA certif
Page 53 and 54: ENABLE CONNECTIONS WITH SMART CARD,
Page 55 and 56: password is successfully entered, t
Page 57 and 58: This screen gives you access to dow
Page 59 and 60: Debian, Ubuntu, Solaris: /opt/nessu
Page 61: -p When starting the nessusd serve
Page 65 and 66: NESSUS WINDOWS TROUBLESHOOTING INST
Page 67 and 68: Tenable Blog: http://blog.tenable.c
Page 69 and 70: Portions Copyright (c) 2000 The Net
Page 71: ABOUT TENABLE NETWORK SECURITY Tena
show all

Nessus 5.0 Installation and Configuration Guide - Tenable Network

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?