Sunday, 6 April 2014

How to Install Nessus on Backtrack 5 - Enable Nessus on Backtrack

Nessus 4.4.1 now comes pre-installed on BackTrack 5 and requires that the user activate the installation. Before you activate Nessus on your BackTrack 5 installation, be certain you have installed Nessus either to the hard drive on the computer you plan to use or inside of a virtual machine that you plan to keep on the same host system. If you activate Nessus on a bootable USB thumb drive, DVD or a virtual machine and move it to a new host system, the Nessus activation code will no longer be valid. The Nessus activation ties itself to the physical system on which it is installed. If you do decide to move the virtual machine to a new system, or jump around to different systems using a bootable USB thumb drive or DVD, you will have to re-activate Nessus. If you are using a Nessus ProfessionalFeed, you are allowed to reset your activation by clearing the current connection between a host and an activation code. By logging into the Tenable Customer Support Portal and going to "Activation Codes", you can reset the activation code-to-host pairing. Professional Feed users are currently limited to one reset every 30 days. HomeFeed users will need to re-register Nessus when moving between physical hosts.

Step 1 - Obtaining An Activation Code

Once you have Nessus installed on BackTrack 5, you will need to obtain a Nessus activation code.  If you are using Nessus at home or wish to evaluate Nessus, you can register a HomeFeed. It’s important to note that the HomeFeed is limited to 16 IP addresses per scan (whereas the ProfessionalFeed allows you to scan an unlimited number of IP addresses). The ProfessionalFeed also gives you access to features such as Configuration and Sensitive Data Auditing, SCADA plugins, Nessus Technical Support and access to the Tenable Customer Portal.

Step 2 - Activating Nessus
Be certain that your BackTrack 5 installation has access to the Internet and activate Nessus using your newly obtained activation code as follows:

As shown above, this will also initially download the appropriate plugins based on which feed you've chosen.

Step 3 - Creating A User Account

Now you will create the initial user account that will be used to login to the Nessus Web Interface:

Add user in nessus
Adding User in Nessus

After you've entered a username, the nessus-adduser program asks you if the user account should have admin privileges or not. It is recommended that the initial user account have admin privileges so you can use the Nessus Web Interface to create subsequent accounts. The only difference between a Nessus admin user and a regular user is the ability to create user accounts.

Step 4 - Starting Nessus

Using the supplied startup script, start the Nessus server:

Step 5 - Accessing the Nessus Web Interface

Once Nessus has been initially started, it will begin to index and compile all of the plugins. This can take some time, depending on the speed of your system. If Nessus is still processing plugins, you may see the following screen when accessing the web interface:

The web interface can be accessed with your browser by making an HTTPS connection to TCP port 8834 (e.g. https://localhost:8834/). If you are using a browser local to the BackTrack 5 distribution, such as the supplied version of Firefox, be certain that you enable Flash and JavaScript for this site (Flash is required to access the Nessus Web Interface, and JavaScript is required to view some of the reports). You can also access the Nessus Web Interface remotely by using the IP address assigned to BackTrack 5 (e.g.

No comments:

Post a Comment