HOWTO: Nessus version 3 (Nessus3) installation with FC5 RPM

[texas1emt]

HOWTO: Install Nessus 3 RPM on Gentoo

The goal of this HOWTO is to take an RPM (Red Hat Package Manager) binary file and install it on Gentoo. So, why oh why would someone rather install a non-GPL binary rather than the older GPL'd 2.x versions of nessus? Efficiency. Through multiple tests of my own, I've found that Nessus 3 is much more efficient. It's able to do more with less resources. Also, my boss said I had to use Nessus 3

This howto uses the app-arch/rpm2targz scripts rather than using the basic app-arch/rpm installer application. My reason for avoiding the app-arch/rpm package is that it takes a while to emerge and has more dependencies than rpm2targz.

Step 1: Get the files you need

As said previously, Nessus is now a binary in version 3. I can't put a direct download from here, so you'll need to go to their download area here: Nessus Download Link

You'll have to register with them - aggravating, I know - but it's the only way to get Nessus 3.

IMPORTANT: If you want the simplest possible install, choose the Fedora Core 5 RPM (it has 'fc5' in the filename). It's the closest library match-up to an updated Gentoo system. Once you have the file downloaded, you will need the app-arch/rpm2targz package to turn the RPM into a more manageable tar.gz file. There's nothing to compile, so it will merge quickly.


Code:

# emerge app-arch/rpm2targz



Now you're ready to install Nessus.

Step 2: Nessus Installation

Change into the directory where you placed your RPM file. Run rpm2targz on it. This takes about 90 seconds on my P3 with very slow storage.


Code:

# rpm2targz Nessus-3.0.3-fc5.i386.rpm found gzip magic bytes   trying to decompress with gzip...  OK



Now un-tar.gz it.


Code:

# tar xvzf Nessus-3.0.3-fc5.i386.tar.gz



You should now have two directories, etc and opt. The opt directory has all of the Nessus application files and libraries and etc has a horribly RedHat-ified init script that we have to replace. Change into the opt directory (not /opt, but the opt directory that came out of the tar.gz) and move the nessus directory to /opt. You will need to add two folders to your $PATH variable: /opt/nessus/bin/ and /opt/nessus/sbin/.

Move the nessus directory that is inside the opt directory that came from the tar.gz into the actual /opt/ folder on your system.


Code:

# cd opt # ls nessus # mv nessus /opt/

Step 3: Installing Libraries

You'll immediately see a problem if you try to run the registration command that Tenable provides in the e-mail they sent when you downloaded the software:


Code:

# /opt/nessus/bin/nessus-fetch --register ****-****-****-****-**** /opt/nessus/bin/nessus-fetch: error while loading shared libraries: libnessus.so.3: cannot open shared object file: No such file or directory



Okay, we have to link up these libraries before we can start any of the Nessus services. It's a pretty quick process. First, we need to explain to Gentoo (via environment variables) where these new libraries are. Open up your /etc/env.d/00basic file and add /opt/nessus/lib/ to your LDPATH variable like so:


Code:

LDPATH="/usr/local/lib:/opt/nessus/lib"



Save the file, exit, and run env-update. Now, if you try to run the nessus-fetch command again, you'll find a new problem:


Code:

# env-update >>> Regenerating /etc/ld.so.cache... # /opt/nessus/bin/nessus-fetch --register ****-****-****-****-**** /opt/nessus/bin/nessus-fetch: error while loading shared libraries: libssl.so.6: cannot open shared object file: No such file or directory



Don't worry - you have the libssl libraries, but they're not called the same as they would be if this was a Fedora Core 5 system. Just make a symbolic link from the library you have to the one that the Nessus binary is searching for:


Code:

# ls -al /usr/lib/libssl* -rw-r--r-- 1 root root 305960 Jul  5 20:12 /usr/lib/libssl.a lrwxrwxrwx 1 root root     11 Jul  5 20:12 /usr/lib/libssl.so -> libssl.so.0 lrwxrwxrwx 1 root root     15 Jul  5 20:12 /usr/lib/libssl.so.0 -> libssl.so.0.9.7 -r-xr-xr-x 1 root root 201328 Jul  5 20:12 /usr/lib/libssl.so.0.9.7 # ln -s /usr/lib/libssl.so /usr/lib/libssl.so.6



Try the command again and we're short one last library:


Code:

# /opt/nessus/bin/nessus-fetch --register ****-****-****-****-**** /opt/nessus/bin/nessus-fetch: error while loading shared libraries: libcrypto.so.6: cannot open shared object file: No such file or directory



Now, just make a symbolic link from your libcrypto library to the library that Nessus is searching for:


Code:

# ls -al /usr/lib/libcrypto* -rw-r--r-- 1 root root 2031486 Jul  5 20:12 /usr/lib/libcrypto.a lrwxrwxrwx 1 root root      14 Jul  5 20:12 /usr/lib/libcrypto.so -> libcrypto.so.0 lrwxrwxrwx 1 root root      18 Jul  5 20:12 /usr/lib/libcrypto.so.0 -> libcrypto.so.0.9.7 -r-xr-xr-x 1 root root 1107852 Jul  5 20:12 /usr/lib/libcrypto.so.0.9.7 # ln -s /usr/lib/libcrypto.so /usr/lib/libcrypto.so.6

Step 4: Registration, configuration and plugin download

Okay, the libraries are done. Unfortunately, Nessus expects to find gzip in /usr/bin/, but Gentoo has it in /bin/ instead. Another symbolic link will fix it all up, and then you can run your registration command:


Code:

# /opt/nessus/bin/nessus-fetch --register ****-****-****-****-**** Your activation code has been registered properly - thank you. Now fetching the newest plugin set from plugins.nessus.org... /opt/nessus/etc/nessus/nessusd.conf does not exist! Do you have the nessus daemon installed? An error occured while fetching the plugins. Your Nessus installation may not be up-to-date.



Don't worry about the error. The configuration file is missing because we haven't run nessusd before. That will end up remedying itself in just a moment. We need to make a certificate for Nessus to use now. Run nessus-mkcert. I usually just press enter on the options because I don't have much use for the certificate since I only talk to Nessus over the localhost anyways. Once that's finished, run nessus-add-first-user. The options are pretty self-explanatory, but ignore the last line telling to to start Nessus.

Here's an init script that I wrote for Nessus. Save this as /etc/init.d/nessusd:


Code:

#!/sbin/runscript PIDFILE=/opt/nessus/var/nessus/nessusd.pid depend() {         need net } start() {         ebegin "Starting Nessus"         start-stop-daemon --start --verbose --nicelevel -10 \                  --exec /opt/nessus/sbin/nessusd -- -Dq         eend $? } stop() {         ebegin "Stopping Nessus"         start-stop-daemon --stop --retry 10 --pidfile ${PIDFILE}         eend $? }



Save the file as /etc/init.d/nessusd. Make it executable and give it a run. Keep in mind - this will take a WHILE the first time you start this, or when you start it after a reboot. All of the plugins have to be read off the drive and cached.


Code:

# /etc/init.d/nessusd start  * Caching service dependencies ...                             [ ok ]  * Starting Nessus ... Starting /opt/nessus/sbin/nessusd...                            [ ok ]



And, if you want it to run when your computer boots up:


Code:

# rc-update add nessusd default



WATCH OUT! Setting Nessus to start on boot-up will drastically increase the amount of time your system will take to boot. This is mainly due to plugin caching.

Now, just update your plugins (I like verbose output):


Code:

# nessus-update-plugins -vvv

You're all set to go! You can use GUI Nessus clients on Linux, OS X and Windows desktops now, or you can use nessus on the command line. If you have any problems, please let me know!
_________________
M. Hayden - San Antonio, TX

[Uipe]

I fallowed your guide but I still have problems with the libraries

[texas1emt]

Hey there Uipe, I think you may need to run an additional env-update after you made those symlinks. I didn't have to, but your system may be different. So, as root, just run:

[Uipe]

I don't know I must be doing something wrong becase I have rebooted my system and still no go.
_________________
Why can t my clock just stop...
I don t want to move so why not stop
dont push me please wait a bit
maybe... just maybe I will move
from here to there
just moving not changing

by Filipe Felisberto

[texas1emt]

Uipe, i wish there was something else I could do to help, but I'm at a loss.

This is my /etc/env.d/00basic (which is almost identical to yours):

[Uipe]

[texas1emt]

Uipe, I think it might be an issue with 64-bit chips. The binaries that Tenable makes available are for 32-bit chips only. AFAIK, they haven't written a binary for 64-bit processors yet. If you're able to find information about 64-bit builds, let me know - I haven't found any.
_________________
M. Hayden - San Antonio, TX

[Uipe]

oki thanks I will try to find info about it. I tougth it would be possible to emulate it like I do with the other programs. thanks anyway
_________________
Why can t my clock just stop...
I don t want to move so why not stop
dont push me please wait a bit
maybe... just maybe I will move
from here to there
just moving not changing

by Filipe Felisberto

[Kvetch]

Great post texas1emt. I have been beating my head on getting Nessus 3 on my AMD64 machine for the exact same reasons. Nessus is installed and working great. Thanks.

Uipe - this worked for me on my AMD64 machine

[radulucian]

good pointer Kvetch, however, if you never used the emulation before on your system, you will need to:

[elvar]

Thank you so much for taking the time to write this, it definitely saved me.



Kind regards,
Elvar