Deployment of vulnerability scanning and analysis software Nessus under CentOS
Nessus is currently the most widely used system vulnerability scanning and analysis software in the world. In total, more than 75,000 organizations use Nessus as the software to scan their computer systems.
Its characteristics are:
-
Provide a complete computer vulnerability scanning service, and update its vulnerability database at any time.
-
Different from traditional vulnerability scanning software, Nessus can be remotely controlled locally or remotely to perform system vulnerability analysis and scanning.
-
Its operating efficiency can be adjusted by itself along with system resources. If you add more resources to the host (such as speeding up the CPU or increasing the memory size), its efficiency can be improved due to abundant resources.
The following describes the deployment of Nessus under CentOS7
1、 Register and download on the official website https://www.tenable.com/downloads/nessus
2、 Get the activation code + download address in the email
3、 Upload the rpm installation package to the CentOS7 server (can connect to the Internet)
4、 Close SELINUX, add firewall
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
setenforce 0
firewall-cmd --zone=public --add-port=8834/tcp --permanent
firewall-cmd --reload
5、 Start nessusd service
systemctl start nessusd.service
6、 Log in to the web service interface
https://IP:8834
7、 Enter your activation code for Nessus Essentials
8、 Then wait to download the plugin
9、 Wait for the plugin to be compiled
10、 You can find a host as the target for scanning test
11、 Wait for the scan to complete, need to wait a certain amount of time
12、 Can export scan report, and then perform security hardening
Recommended Posts