Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Viewing all articles
Browse latest Browse all 12749

Installing Nessus for SecurityCenter on laptop

$
0
0

The great thing about Tenable SecurityCenter: when you buy it you also gethundreds of licenses for Nessus. You will need these licenses to deploy Nessus hosts on your network, connect them to your Tenable SecurityCenter and manage scan process using SecurityCenter via graphical user interface or API. Of course, with all the restrictions on amount of IP addresses that you can scan.

At the same time, these Nessus for SecurityCenter servers are fully functional . Technically this servers are the same as Nessus Professional. Nessus for SecurityCenter has the same web interface, where you can create multiple user accounts, manage the scans in GUI and API, scan any amount of IP addresses . Scan data will be stored locally on your Nessus server and your SecurityCenter will not see it or use it in any way. This is really great. And I hope it is a feature and not a bug.


Installing Nessus for SecurityCenter on laptop

However,there are some differences. Nessus Professional downloads security plugins and makes activation using remote Tenable severs. Nessus for SecurityCenter does these things using SecurityCenter in your network.

So, when you have such a great amount of Nessus licenses you may want to install one on your own laptop. It might be really useful for debugging. For example, when you are developing your own nasl scripts, to enable them in Nessus, you will need to restart it. And you will not probably want to do it on the Nessus server where dozens of scanning jobs are running.

In this post I will try to install Nessus on Centos 7 in VirtualBox, configure port forwarding, activate and update Nessus plugins with SecurityCenter.

CentOS 7

I have created default virtual machine configuration in VirtualBox with two network interfaces: NAT and Host-only Network. Configuration for Host-only Network you can see on the screenshot:


Installing Nessus for SecurityCenter on laptop

I have installed the latest version of CentOS 7 available at the time: CentOS-7-x86_64-Minimal-1511.iso from https://mirror.yandex.ru/centos/7/isos/x86_64/

CentOS installation process is pretty straightforward. I use “vmuser” as user name. Ifnetwork is not working after installation run “ nmtui" , choose “Edit a connection” and set “Automatically connect” for all the adapters.


Installing Nessus for SecurityCenter on laptop

With “ ip addr" you can get an IP-address of virtual machine. For me it is 192.168.56.101. installing OpenSSH Server with “ yum install openssh-server" .

Trying to connect to Centos 7 virtual machine using “ ssh vmuser@192.168.56.101" to check that everything is fine.

Port forwarding

SecurityCenter manages Nessus servers connecting to them at 8834 TCP port (it’s a default port, it can be changed). So, to activate my Nessus installation, SecurityCenter will need to connect to my laptop at 8834 tcp and then this connection should be forwarded to 8834 port of CentOS 7 virtual machine. We can do it with port forwarding feature. In configuration of virtual machine NAT interface I defined Port Forwarding rules:


Installing Nessus for SecurityCenter on laptop

I also forwarded 22 ssh Guest Port for testing reasons. The IP-address of my laptop is 172.16.15.22. If “ ssh vmuser@172.16.15.22 -p 9999" works well, then everything was configured correctly. Note, that port forwarding of low host ports, like 22 host to 22 guest port will not work. It is because you are probably run Virtualbox from normal user, not root.

Nessus installation

I have downloaded Nessus 6.9.2 rpm package for Red Hat ES 7 / CentOS 7 / Oracle linux 7 (including Unbreakable Enterprise Kernel) x86_64 at https://support.tenable.com/support-center/

Uploading Nessus-6.9.2-es7.x86_64.rpm to the the CentOS7 virtual machine:

$ scp Nessus-6.9.2-es7.x86_64.rpm vmuser@192.168.56.101:/home/vmuser vmuser@192.168.56.101's password: Nessus-6.9.2-es7.x86_64.rpm 100% 33MB 32.9MB/s 00:01

Then connect to the server and install Nessus package:

$ ssh vmuser@192.168.56.101 $ su # rpm -i Nessus-6.9.2-es7.x86_64.rpm warning: Nessus-6.9.2-es7.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID 1c0c4a5d: NOKEY Unpacking Nessus Core Components... nessusd (Nessus) 6.9.2 [build M20074] for Linux Copyright (C) 1998 - 2016 Tenable Network Security, Inc Processing the Nessus plugins... [##################################################] All plugins loaded (1sec) - You can start Nessus by typing /bin/systemctl start nessusd.service - Then go to https:/192.168.56.101:8834/ to configure your scanner

# systemctl start nessusd.service

If you don’t see anything athttps:/192.168.56.101:8834/ you may try to disable firewall:

# systemctl stop firewalld # systemctl status firewalld

Configuration process athttps://192.168.56.101:8834/ is the same as it was forNessus Home andNessus Manager. The only difference is Product Registration screen. You need to choose there “Managed by SecurityCenter”. Administrator account, that you will create during the configuration process, will be used by SecurityCenter for activation and updating.


Installing Nessus for SecurityCenter on laptop

When configuration process will be finished, you will see this Settings screen. As you see, there are no Scan and Policies tabs. There are no plugins as well.


Installing Nessus for SecurityCenter on laptop
SecurityCenter

Check once again, that port forwarding is working. Open https://172.16.15.22:8834/, where 172.16.15.22 is your laptop IP. If everything is fine, go to SecurityCenter with your administrator account and add new Nessus Scanner. You will need to specify name of the scanner, host, port, and method of authentication: by login/password or SSL certificate.


Installing Nessus for SecurityCenter on laptop

I have created “Leonov Notebook” scanner, host 172.16.15.22, port 8834 and used “admin” account of my new Nessus server for authentication.

You can see the status of the new scanner:


Installing Nessus for SecurityCenter on laptop

The status will be changing: “Updating Status”, “Plugins Out of Sync”, “Updating plugins” and finally “Working”. Here is how new Nessus scanner looks from SecurityCenter when activation and update are finished:


Installing Nessus for SecurityCenter on laptop

When you connect to https:/192.168.56.101:8834/ or https://172.16.15.22:8834/ you will see fully functional and ready to use Nessus for SecurityCenter scanner with the latest Plugin Set:


Installing Nessus for SecurityCenter on laptop

Viewing all articles
Browse latest Browse all 12749

Trending Articles