03 Relational

Download and install the NessusWX client…or unzip it to a directory, anyway. It doesn’t install, or even register any DLLs. I love that in a program.Side Note: Why can’t HP figure that out? Have you tried to use any of their home products? Hello, HP?!?! What makes you think I want to install hundreds of megabytes of horribly written software (for hours) and have all these goofy monitoring programs just to use a stupid printer? Do you guys even DO product testing?

Moving right along–if you’re going to store stuff in MySQL, you can go ahead and install that too. This is optional–there’s no need if you just want to do some scans and view the results. Also, I won’t bother walking you through MySQL–but there is one somewhat tricky aspect that I will mention. I had never really used MySQL before, so this info would have helped me.

You need the MySQL Essentials package, the Administrator package, and the Query Browser (if you want to verify that all of this is working). Load up MySQL Administrator, goto Tools | MySQL Command Line Client.

Create a database called nessus. Don’t forget to end the command with a semi-colon.

You can use the command show databases to see it.

Now you need to create the tables inside the database. Open the text file inside the NessusWX folder called “create_tables”. It’s a SQL file, so you could probably just import it. I like to see what’s going on, so I just copied and pasted both lines in the CLI window. Here are the two commands, in case you can’t find them:

  • create table sessions (id integer,name varchar(255),owner varchar(255),time_start datetime,time_finish datetime,time_elapsed integer);
  • create table results (session_id integer,host varchar(128),service varchar(48),plugin_id integer,type integer,is_false bool,description blob,risk_factor varchar(32),cve_id varchar(32),solution blob);

Lastly, you need to create a new MySQL user and give it rights to the nessus database. Select User Adminstration and click the New User button. Input the info for a user–I called mine “nessus”. Surprise.

Click on the Schema Priveleges tab. Select the nessus database, and then click the double arrow to assign them all. Sure you could lock this down…but it will be behind the firewall…and, man, you’re paranoid!

Next stop, configure a scan and run that baby. Go ahead! Do it!

Next: Running

Popularity: 1% [?]

RSS feed | Trackback URI

No comments yet.

Name (required)
E-mail (required - never shown publicly)
URI
Your Comment (smaller size | larger size)
You may use <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> in your comment.