02 Readiness

Here’s what I got from Tenable. I asked:

Looking for documentation on the minimum modules required for a Nessus scanner setup—this is for a DMZ. We will be controlling these machines with a console, probably Lightning from behind a firewall. So, for instance, do I have to load X? Do I need GTK+? Compilers? What can I strip out? This might be a documentation opportunity for you to sit down with Fedora 5 and just give some bullet points. I know that you need Nmap, Hydra, and Nikto—is there anything else?

And here is the answer:

No need to GTK nor X. nmap, hydra nor nikto are not required either (don’t scale on an enterprise deployment). You simply need a default Red Hat install; with openssl and libdb installed (they are, by default).

But I didn’t get that until after I was already finished with my testing setup. So, I installed pretty fat…erm…phat. Do-wah diddy dum. And I already had nikto installed, but not hydra. So, it’s already a basket case–how depressing. On the upside, however, ignorance is bliss–none of this had any bearing on my tests :)

With Fedora 5, you have to select “Customize Now” to gain the ability to mix-n-match your install. So, I installed all of the compilers, x, gnome, and every administrative tool that seemed germane. I sought for and finally found snmp services and turned them on. I removed all the server services. Rinse. Repeat. Sometime about 4 hours later and 5 CDs swapped, I had an OS. Even better, I had an OS that booted to a command prompt rather than a goofy GUI login. Had a few great moments of flashbacks to Slackware. It almost makes me want to learn more about linux–but I can type “startx” with the best of them.

It was around this point that I began beating on the sides of the monitor. My soul, this GUI is slow. It’s pretty, and relatively functional. And yes, I checked all the hdparm stuff and whatever else I could to try to tw33kxor it. I did stop short of recompiling the kernel–this is just a test setup after all. (I could recompile Slack’s kernel in my sleep once upon a time…but I’ve never used the Red Hat tools.)

After the frustration of fighting with Hydra for a brief time, the installs of nikto and nessus went relatively painlessly. I think I had to track down one dependency to install nikto, but the nessus rpm for FC5 installed perfectly. If ALL linux packages would install as easily as nessus did–there would be more desktops running linux.

I’m serious here.

Don’t forget to follow the documents though. You absolutely have to use the nessus user creation utility (even though the command line says “type nessusd…”). It’s already documented there, so I’m not going to walk you through it. Naturally, I did not read the docs, wasted time troubleshooting client connections, realized my mistake, then had to kill nessusd, run the user util, and restart nessusd. I’m certain that you won’t do something stupid like that :)

Might as well adjust the Fedora firewall settings before we go any further. Click on System | Administration | Security Level and Firewall.

Drill down on Other ports and click the Add button. You can see below that I already had the ports configured in my screen shot. A fresh install won’t have anything under Other ports.

Add a rule for port 1241. I added both UDP and TCP at first just to get it working. Turns out only TCP is needed.
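To confirm the firewall ends up in the state described above (TCP 1241 open, no leftover UDP rule), here is an added check that is not part of the original post. It assumes the rules are available as iptables-save style text; the `RH-Firewall-1-INPUT` chain name, the sample rules and the function names are constructed for illustration.

```python
import shlex

NESSUSD_PORT = 1241  # the port the post opens for nessusd

# Constructed excerpt in iptables-save style (an assumption, not taken from the
# post); it mirrors the first attempt, with both TCP and UDP rules for 1241.
SAMPLE_RULES = """\
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1241 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 1241 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""

def covers(spec, port):
    """True if a port spec such as '1241', '1000:2000' or '80,1241' includes port."""
    for part in spec.split(","):
        lo, sep, hi = part.partition(":")
        try:
            low = int(lo or 0)
            high = int(hi or 65535) if sep else low
        except ValueError:
            continue  # service names are not resolved in this check
        if low <= port <= high:
            return True
    return False

def accepted_protocols(rules_text, port=NESSUSD_PORT):
    """Protocols that have a port-specific ACCEPT rule covering port."""
    protos = set()
    for line in rules_text.splitlines():
        if not line.startswith("-A "):
            continue  # table header, chain policy or COMMIT
        tok = shlex.split(line)
        opt = {tok[i]: tok[i + 1] for i in range(len(tok) - 1) if tok[i].startswith("-")}
        dport = opt.get("--dport") or opt.get("--dports")
        if opt.get("-j") == "ACCEPT" and dport and covers(dport, port):
            protos.add(opt.get("-p", "all"))
    return protos

def audit(rules_text, port=NESSUSD_PORT):
    """Findings against the post's end state: TCP open, UDP not needed."""
    protos = accepted_protocols(rules_text, port)
    findings = []
    if "tcp" not in protos:
        findings.append(f"tcp/{port} is not open: clients cannot reach nessusd")
    if "udp" in protos:
        findings.append(f"udp/{port} is open but not needed: remove the rule")
    return findings

print(audit(SAMPLE_RULES))
```

An empty list from `audit` means only the TCP rule is present; the check looks at port-specific ACCEPT rules only and does not evaluate rule order or broader catch-all rules.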

At this point nessusd should be running and your firewall configured. Your linux box is ready to go. Time to talk about the client piece.
