操作系统安全：nessus安装及使用.docx

《操作系统安全：nessus安装及使用.docx》由会员分享，可在线阅读，更多相关《操作系统安全：nessus安装及使用.docx（13页珍藏版）》请在淘文阁 - 分享文档赚钱的网站上搜索。

1、实验一 ：nessus安装及使用一、Nessus简介Nessus号称是世界上最流行的漏洞扫描程序，全世界有超过75000个组织在使用它。该工具提供完整的电脑漏洞扫描服务，并随时更新其漏洞数据库。Nessus不同于传统的漏 洞扫描软件，Nessus可同时在本机或远端上遥控，进行系统的漏洞分析扫描。对应渗透测 试人员来说,Nessus是必不可少的工具之一。Nessus通常包括成千上万的最新的漏洞，各种各样的扫描选项,及易于使用的图形界 面和有效的报告。Nessus之所以被人们喜爱，是因为该工具具有几个特点。如下所示：提供完整的电脑漏洞扫描服务，并随时更新其漏洞数据库。不同于传统的漏洞扫描软件。Ne

2、ssus可同时在本机或远程控制，进行系统的漏洞分析 扫描。其运作效能随着系统的资源而自行调整。如果将主机配置更多的资源(如加快CPU速度 或增加内存大小)，其效率表现可因为丰富资源而提高。可自行定义插件。NASL ( Nessus Attack Scripting Language )是由Tenable所发出的语言,用来写入 Nessus的安全测试选项。完全支持SSL ( Secure Socket Layer)。二.实验目的1、掌握nessus的环境安装2、掌握nessus扫描漏洞3、掌握nessus的基本使用三.Nessus的下载注册1、下载软件包SettingsCredentialsCo

3、mpliancePluginsBASICGeneralScheduleNotificationsDISCOVERYASSESSMENTREPORTADVANCEDNameDescriptionFolderTargetsMy ScansSettings CredentialsBASICVGeneralScheduleNotificationsDISCOVERYASSESSMENTREPORTADVANCED配置完成后进入如下界面，点击图中的“开始图标开始扫描：Name wScheduleOn DemandOn DemandLast Modified C Today at 10:56 PMToda

4、y at 10:48 PM扫描完成后点击此次扫描的名称，进入如下界面：W Back to My ScansHostsVulnerabilities 27History 21 HostFilter Vulnerabilities点击图中的Export,可以选择要导出扫描报告的格式，一般我们都选择pd格式ConfigureAudit TrailLaunchExportScan DetailsName:Status:CompletedPolicy:Advanced ScanScanner:Local ScannerStart:Today at 10:59 PMEnd:Today at 11:07 P

5、MElapsed:8 minutesExport as PDFReportExecutive SummaryExportCancelTotal: 31SEVERITYcvssPLUGMCRrriCAL10.093650CRmCAL10.040354CRrncAL10.0792355.850686MEDIUM5.842263| MEDIUM5.012217Vulnerabiitiesa a infiRa翻开导出的扫描报告，我们可以查看这次扫描的结果和扫描到的漏洞描述303322CRITICALHIGHMEDIUMLOWHFONAMEDroptear SSH Server 2016.72 Mult

6、ple VdnerabifabesOpenWrt Router will a Blank Password (telnel check)Unprotected Telnet SrvioeIP Forwarding EnabledUnencrypted Telnet ServerDNS Server Cache Snooping Remote Informaton DisclosureHMHP Qxifvof Hoio/MtAn在安装Nessus工具之前，首先要获取该工具的安装包。而且，Nessus工具安装后，必 须要激活才可使用。所以，下面将分别介绍获取Nessus安装包和激活码的方法。获取N

7、essus安装包Nessus的官方下载地址是：在浏览器中输入以上地址，翻开如下列图所示的界面。NameDescriptionDetails。Windows 7,8,10 （32-bit）Checksum令 SUSE 11 Enterprise i586（32-bit）Checksum令 macOS （10.8 -10.13）Checksum。Nessus-8.0.1- suse11j86_64.rpmSUSE 11 Enterprise（64-bit）Checksum泰 debian6J386.debDebian 6,7, 8, 9 / Kali Linux 1, 20173 i386（32-

8、bit）Checksum令 Red Hat ES 7（64-bit） / Centos 7 / Oracle Linux 7Checksum从该界面可以看到，官网提供了Nessus工具各种平台的安装包，如Windows、Mac OSX、Linux、FreeBSD等。用户可以根据自己的操作系统及架构，选择对应的安装包。单击该软件包后，将弹出许可协议对话框，选择同意，可下载安装包。License AgreementTHEM. The Software may be provided to You by Tenable or Tenables designated vendor (the Vendo

9、r).1. Definitions.(a) Host means any scanned device that can have a unique tag pushed to it (via a registry entry, text file, etc.), one that can have a unique identifier (CPU ID, Instance IDr Agent ID, IP Address, MAC Address, NetBIOS Name, etc.) pulled from it, or is addressable via URI or URL (i.

10、e., ).(b) “Plug-In means any individual program or script used to analyze for and/or identify specific security vulnerabilities.(c) If You are licensing Securitycenter, the following terms apply：(1) “Purpose means to seek and assess information technology vulnerabilities and intrusion detection even

11、ts up to the number of Hosts for which the Licensed Product is licensed.(2) Licensed Product means Securitycenter or higher.e是否要安装此文件？帮助(H)关闭(C)安装2、获取激活码在使用Nessus之前，必须先激活该服务才可使用。如果要激活Nessus服务，那么需要到 官网获取一个激活码。下面将介绍获取激活码的方法。具体操作步骤如下所示：(1)在浏览器中输入以下地址：成功访问以上链接后，单击Nessus Home Free下面的Register Now按钮Registe

12、r for an Activation CodeFirst NameLast NameNessus HomeFreeNessus Home allows you to scan your personal home network with thesame powerful scanner enjoyed by Nessus subscribers.For Home UsersScan 16 IPsNessus Home features:High-speed, accurate assessment with thousands ofchecksAge nt less scanning of

13、 home networks获得如下列图所示界面，在界面填写一些信息，为了获取激活码。在该界面First Name 和Last Name文本框中，用户可以任意填写。但是,Email下的文本框必须填写一个合法的 邮件地址，用来获取邮件。当以上信息设置完成后，单击Register按钮。)me network (up to 16 IP addresses per scanner) withcess to support, allow you to perform compliance essus virtual appliance. If you require support and is sub

14、scription.le environment only. It is not for use by anyu Check to receive updates from Tenable接下来，将会在注册的邮箱中收到T分关于Nessus的邮件。进入邮箱翻开收到的邮件， 将会看到一串数字，类似XXXX-XXXX-XXXX-XXXX，即激活码。当成功安装Nessus工具后,就可以使用以上获取到的激活码来激活该服务了。激活码：33F8-FE5A-9F15-BC94-729FNessus Home EvaluationWelcome to Nessus Home and congratulation

15、s on taking action to secure your personal network! We offer the latest plugins for vulnerability scanning today, helping you identify more vulnerabilities and keep your personal network protected.If you use Nessus in a professional capacity and want advanced capabilities such as unlimited assessmen

16、ts, or the ability to perform compliance checks or content audits, Nessus Professional may be better suited to your needs. To learn more view the Nssus Professional datasheet or request a free evaluation.Activating Your Nessus Home SubscriptionYour activation code for Nessus Home is: 33F8-FE5A-9F15-

17、BC94-729F3、Nessus工具安装将下载的安装包复制到/root下。接下来，就可以安装Nesus工具了。执行命令如下所示：安装完成后使用命令/etc/init.d/nessusd start进行启动rooWbogon # sudo rpm -ihv Nessus-8. 0. l-es6, x86_64. rpmwarning： Nessus-8. 0. l-es6. x86_64, rpm： Header V4 RSSHAl Signature, key ID lc0c4 a5d: NOKEY Preparing.# 100%oackaae Nessus-8. 0. l-es6, x8

18、6 64 is alreadv installed - I-trootgbogon # /etc/init. d/nessusd start Starting Nessus services:确定r i ii /opt/nessus/sbin/nessuscli adduser admin 用户名自定义密码自行设置/opt/nessus/sbin/nessuscli chpasswd admin 修改用户密码rootbogon /opt/nessus/sbin/nessuscli adduser adminLogin password：Login password (again):Do you

19、 want this user to be a Nessus system administrator user (can upload plu gins, etc.)? (y/n) n: yUser rulesnessusd has a rules system which allows you to restrict the hosts that admin has the right to test. For instance, you may want him to be able to scan his own host only.Please see the Nessus Comm

20、and Line Reference for the rules syntaxEnter the rules for this user, and enter a BLANK LINE once you are done (the user can have an empty rules set)Login : adminPassword : *This user will have system administrator* privileges within the Nessus server Is that ok? (y/n) n: yUser added rootbogon /opt/

21、nessus/sbin/nessuscli fetch -register 软件激活码rootObogon # /opt/nessus/sbin/nessuscli fetch -register 33F8-FE5A-9F15-BC94- 729 FYour Activation Code has been registered properly - thank you.Fetching the newest updates from nessus. orgNessus Plugins：Nessus Plugins：Downloading (0%)Downloading (0%)Nessus

22、Plugins：Downloading (0%)Nessus Plugins：Downloading (0%)Nessus Plugins:Downloading (0%)Nessus Plugins:Downloading (0%)Nessus Plugins：Downloading (0%)Nessus Plugins：Downloading (0%)Nessus Plugins：Downloading (0%)Nessus Plugins:Downloading (1%)Nessus Plugins:Downloading (2%)Nessus Plugins:Downloading (

23、2%)Nessus Plugins:Downloading (3%)CT f / 匚 M /opt/nessus/sbin/nessusd &netstat -tuplna | grep nessusdrooWbogon # /opt/nessus/sbin/nessusd &1 4990rootCbogonrooWbogon #rooWbogon T# netstat -tuplna | grep nessusdnessusd (Nessus) 8. 0. 1 build 20155 for LinuxCopyright (C) 1998 - 2018 Tenable, Inc.Wed No

24、v 21 16： 17： 55 20184990, 1 WARNING： Large stack size (10M). Start nessu: d through nessus-service or use ulimit(l)WedNov2116： 18:00 2018 4990, 1Couldnot open/opt/nessus/var/nessus/plugim-code, db Wed Nov2116： 18:00 2018 4990. 1Couldnot openOt械M3 for writing - (Succe;s)WedNov2116： 18:00 2018 4990, 1

25、Couldnot openthe description DBWedNov2116： 18:00 2018 4990. 1Attempting torebuild pluginsProcessing the Nessus plugins. tcp00 0.0.0.0:88340.0.0,0： *LISEN4856/nessusdtcp00 ：8834：*LIS*EN4856/nessusdrooWboqon ps -aux | grep nessusdrootbogon ps -aux | grep nessusdWarning: bad syntax, perhaps a bogus See

26、 /usr/share/doc/procps-3. 2. 8/FAQr】u Iroot485631.3 11.9 237224119532 pts/OSI15： 519：43 nessusd -qroot499045.2 9.3 69165694360 pts/OSI16： 172：13 /opt/nessus/sbin/nessusdroot50310.0 0.0 103344860 pts/Os+16:220:00 grep nessusd s: 服务器 IP:8834/#/rootObogon ifconfigethO Link encap: Ethernet HWaddr 00: OC

27、： 29： 54: 85： IFinet addr: 172, 16. 106. 112 Beast： 172. 16. 106.255 Mask： 255.255. 255. 0inet6 addr： fe80: ： 20c： 29ff： fe54： 851f/64 Scope： LinkUP BROADCAST RUNNING MULTICAST MTU： 1500 Metric： 1RX packets： 286717 errors： 0 dropped： 0 overruns： 0 frame： 0TX packets: 123887 errors: 0 dropped： 0 over

28、runs： 0 carrier： 0collisions： 0 txqueuelen: 1000RX bytes： 370247865 (353. 0 MiB) TX bytes： 8682508 (8. 2 MiB)lo Link encap： Local Loopbackinet addr: 127. 0. 0.1 Mask: 255. 0. 0. 0inetG addr: : 1/128 Scope： HostUP LOOPBACK RUNNING MTU： 65536 Metric： 1RX packets: 24 errors： 0 dropped： 0 overruns： 0 fr

29、ame： 0TX packets： 24 errors： 0 dropped: 0 overruns： 0 carrier 0collisions： 0 txqueuelen: 0RX bytes： 2024 (1.9 KiB) TX bytes： 2024 (1.9 KiB) s:/127.0.0.1:8834注意：火狐浏览器第一次浏览可能会阻止你，点击高级，添加类外。会不安全连接X I s: 12U Qg 自/您的连接并不安全0. 0.1的网站管理员未正确设置好网站。为了确保您的信息不会被泄 露 Firefox并未连接至该网站。详细了解后退后退亘级二二127.0.0.1:8834 uses

30、 an invalid security certificate.The certificate is not trusted because the issuer certificate is unknovn.The server might not be sending the appropriate intermediate certificates.An additional root certificate nay need to be imported.m certificate is only valid for bogonError code： SEC_ERROR_UNKNOW

31、_I SSUER一加例外1不安全连接-Mozilla FirefoxNessusfSign In4、Nessus使用安装完成后，翻开浏览器，输入 s:127.0.0.1:8834登录后进入UI界面，点击NewScan创立新工程。NeSSUSScans SettingsImportImportNew FolderNew Scan前 My Scansity. Create a new scan All Scans 由 TrashQ Policies0 Plugin Rules 擎 Scanners选择扫描工程种类，一般都选择advanced scanScan Templates Back to ScansScannerScanner进入基本配置过程，在新工程的界面填入名称及目标主机地址，并点击Save ,建立新 工程，其中name可以随便但最好使用英文,Description可写可不写，Folder选择My Scan , Target输入待扫描的主机ip ,例如192.168.1.1,除了这些基本信息还可以根据需求配置一些额外的信息