Checking Security with Nessus
| |
The nessus package is an excellent package for checking known
security problems. Install on one machine both nessus (the
client) and nessusd (the server).
For nessusd you need to create a user account using
nessusd-adduser. One suggestion is to simply create a user
with the same name as your user account (e.g., kayon). Then
start the daemon (server) with:
Note that this daemon is not automatically run within the
/etc/init.d framework.
As a user start up the nessus client and login with your user
name. Go to the Target selection tab and type in a list of
hosts you wish to check, comma separated. If you want to test all
machine on your network, try something like 192.167.0.1/24.
After you click Start the scan the checking is initiated.
Eventually a report will be presented. You can save the report in
various formats, including LATEX.
The testing is extensive and the report provides suggestions for
eliminating security holes.
Copyright © 1995-2006 [email protected]
|