Install Nessus Security Scanner on Untangle 9.2.1

[tmedcalf]

I use this mod of the Untangle UTM with the Nessus Security Scanner to check systems on the DMZ and on the LAN
ONLY SCAN THE NETWORKS AND HOSTS THAT YOU HAVE THE RIGHT TO SCAN! SCANNING SYSTEMS CAN BE INTERPRETED AS HOSTILE ACTIVITY.

Prior to any other actions go to the following Tenable address and get a Nessus activation code
http://www.tenable.com/products/ness...ctivation-code

In your Untangle UTM create a new packet filter rule:
On the Untangle UTM Firewall

Config > Networking > Advanced > Packet Filter
Create new user rule: Nessus LAN access (Pass, TCP, Port 1241)

This will allow the Nessus Client Software to access the Nessus Server

Login via ssh

Enable Debian Repositories:

As of this posting you will have to add the current Debian Lenny repositories to the file /etc/apt/sources.list since they have been moved.

apt-get update
apt-get install -y nessusd

Disable the Debian Repositories

When the install finishes run these two commands:
/etc/init.d/nessusd start
nessus-adduser

Add a new nessusd user
----------------------


Login : "UserName"
Authentication (pass/cert) [pass] :
Login password :
Login password (again) :

With the Activation Code recieved from Tenable run the command:
nessus-fetch --register XXXX-XXXX-XXXX-XXXX-XXXX

Where "XXXX-XXXX-XXXX-XXXX-XXXX" represents the activation code sent to you by Tenable.
This will download the most current Nessus Plugins.


Using the Nessus Client Software on a LAN workstation login to the Nessus Server on your Untangle UTM, using the login and password you created.

When you are not actually running the Nessus server shut the service down!
Login over ssh and run the command:
/etc/init.d/nessusd stop

[gsdThreat360]

tmedcalf,

This is a great mod but I was confused on the Debian Repositories and where to get them? Do I have to create the directory /etc/apt/ ?

Thanks

Greg

[jcoffin]

Make sure to turn off upgrades as any Debian packages added manually will break upgrades.