Installing Nessus 2.0 on SuSE 9.0 Pro with KDE 3.1

The following is a simple how-to guide for installing the Nessus vulnerability scanner, server daemon, and client on SuSE Linux. The instructions do not include in depth explanations as it is assumed that you are familiar with features and benefits of Nessus and have a general working knowledge of Linux.



As with any software installation, your results may vary depending on the machine. The installation steps were conducted using the commercial version of SuSE 9.0 Professional steps were tested on a notebook, workstation, and server to insure accuracy. The one difference that may occur during your installation is that of the network card and/or Internet connection. At SiteRecon we do not use DHCP and each installation required manual setup of NIC and IP information. If you use DHCP, the network and Internet setup will differ from the instructions below.



The installation process should be conducted using the "root" account. It is strongly suggested that your install take place on a safe non-routable network that does not have hostile traffic. Your system will be vulnerable and could easily become infected with a virus, worm, bomb, or hacked.



Install SuSE 9.0 Professional

• Insert Disk 1 and boot system
  
• Press F2 - select screen resolution
  
• Use up/down arrows to select "Installation"
  
• Select Language
  
• Select "New Installation"
  (Screen may not appear depending on installation)
  
• "Installation Settings" change anything needed then
  
• YaST2 "Start installation"
  (Screen may not appear depending on installation)
  
• System Reboots...
  
• Insert Disk 2 as requested, select
  
• Click "Expert Options" button and change Encryption type to MD5
  
• Enter root user password
  
• "Network Configuration" - change as needed
  
• "Test Internet Connection"
  
• "User Authentication Method"
  
• "Add a New Local User" - uncheck "Auto Login, enter data as desired
  
• "Release Notes"
  
• "Hardware Configuration"
  
• "Installation Completed"
  
• System boots to KDE interface
  
• Login as root
  
• "Welcome to SuSE Linux 9.0"
  
• Click "Control Center" on task bar
  
• Click "Desktop"
  
• Click "Size & Orientation"
  
• Select desired screen resolution, check "Apply settings on KDE startup"
  
• Click "Accept Configuration"
  
• Close "Size & Orientation" window
  

• Network Card Setup (if needed)
  
  
  
  • Click "Control Center" on task bar
    
  • Click "YaST2 modules"
    
  • Click "Network Devices"
    
  • Click "Network card" and setup you NIC
    
  
  

• SuSE Watcher
  
  
  
  • Click "SuSE Watcher" on task bar (round green or red icon on right)
    
  • Click
    
  • Click "Start online update"
    
  • "Welcome to YaST Online Update"
    
  • 
    
  • Take desired actions when prompted.
    
  • When completed, check "Remove Source Packages after Update", click
    
  
  

You now have a fully functioning and patched installation of SuSE and are ready to install the applications required for Nessus. It should be noted that by installing the programs below, you are also setting up an environment to compile GCC C programs. Additional information on GCC can be found at http://gcc.gnu.org/.



Nessus Application Requirements

• Click "Control Center" on task bar
  
• Click "YaST2 modules"
  
• Click "Software"
  
• Click "Install and Remove Software" and install the following programs:
  
  
  
  • Bison
    
  • Flex
    
  • Gcc
    
  • Gcc-c++
    
  • GTK2
    
  • GTK2-devel
    
  • GTK-devel
    
  • kdepim3-time-management package
    
  • libnet
    
  • Make
    
  • OpenSSL
    
  • OpenSSL-devel
    
  • Perl
    
  • sharutils
    
  • xfree86
    
  • xfree86-compat-libs
    
  • xfree86-devel
    
  
  
• Run YaST Online Update to patch all installed programs
  

Download Nessus

• Click "Local Network"
  
• Change location to "/"
  
• Right click and Create New directory titled "nessus-installer", close window
  
• Using browser go to http://www.nessus.org/nessus_2_0.html
  
• From "The easy and less dangerous way" section download "nessus-installer.sh"
  file saving to the "nessus-installer" directory.
  

Compile Nessus

• Click "Konsole" on task bar and change directories to "nessus-installer"
  
• Type "sh nessus-installer.sh"
  
• Accept defaults by pressing
  (During the compiling process you may receive warning messages for
  "nessus_popen", "insert_nasl_func", and "extra tokens". These are warning
  messages and the compiling process should complete successfully.)
  
• When compiling process is complete you will be prompted to press to quit.
  

Nessus Server Setup

• Type "nessus-mkcert" to make a server certificate
  
  
  
  • Accept default for "CA certificate life"
    
  • Accept default for "Server certificate life"
    
  • Enter your 2 letter country code
    
  • Enter your state or province code
    
  • Enter your location
    
  • Enter your organization name
    
  • Certificate process completed message
    
  
  
• Type "nessus-adduser" to create a user account
  
  
  
  • Enter login name
    
  • Accept default for authentication
    
  • Enter password
    
  • Press ctrl-D to end user creation process
    
  • "Is that ok?" message
    
  
  
• Type "nessusd -D" to start the Nessus server service
  (It may take several seconds for Nessus to finish initializing. The command
  prompt will return once the Nessus daemon is started).
  

If you wish to have the Nessus Server daemon automatically started when the system is booted, edit the "etc/init.d/boot.local" file and append "nessusd -D".



Nessus Setup

• Type "nessus"
  
• Enter login
  
• Enter password
  
• Click "Log in" button
  
• "SSL Setup" window will appear, click
  
• "Nessus" windows asking to accept this certificate, click
  
• "Warning" message about plugins crashing remote systems will appear, click
  
• Close "Konsole" window
  

KAlarm

• Click "Start Applications" on task bar and select "Utilities", "Time", then "KAlarm"
  
• In the KAlarm window click "Actions", then New
  
• Check "Command" and enter "nessus-update-plugins" as the command line
  
• Check "Any time" check box
  
• Check "Recur" for Repetition, then select the "Recurrence" Tab
  
• Enter "01:00" for "Recurr every" field
  
• Select button, then
  
• Close "Kalarm" window (Kalarm by default is automatically stated upon boot.)
  

Firewall

KDE provides built-in firewall protection. Vulnerability scanners such as Nessus do not normally function well with software firewalls in place. To remove the firewall:

• Click "Control Center" on task bar
  
• Click "YaST2 modules"
  
• Click "Security and Users"
  
• Click "Firewall"
  
• Check "Stop Firewall and Remove from Boot Process"
  
• "Firewall configuration - deactivate firewall", click
  
• "The firewall is now turned off"
  

General Information

Uninstall executable: /usr/local/sbin/uninstall-nessus

Configuration file: /usr/local/etc/nessus/nessusd.conf

Certificate Authority: /usr/local/com/nessus/CA/cacert.pem

Certificate Authority - Private: /usr/local/var/nessus/CA/cakey.pem

Nessus Server Certificate file: /usr/local/com/nessus/CA/servercert.pem

Nessus Server - Private Key file: /usr/local/var/nessus/CA/serverkey.pem

Nessus uses port 1241 to communicate



You now have a fully functioning Nessus server daemon and client installed on SuSE using the KDE desktop environment. Kalarm is setup to automatically update Nessus plugins once per hour to insure you have the latest vulnerability tests. Nessus is now fully operational to help with your security needs.