Course Hero

Register now to access 7 million high quality study materials (What's Course Hero?) Course Hero is the premier provider of high quality online educational resources. With millions of study documents, online tutors, digital flashcards and free courseware, Course Hero is helping students learn more efficiently and effectively. Whether you're interested in exploring new subjects or mastering key topics for your next exam, Course Hero has the tools you need to achieve your goals.

2 Pages

nessus-install

Course: DAY 3, Fall 2009
School: Oregon
Rating:
 
 
 
 
 

Word Count: 1243

Document Preview

Nessus Exercises: Install and use under FreeBSD: ccTLD Workshop September 14, 2005 The Nessus website is http://www.nessus.org/ Note: The "#" and "$" characters before commands represents your system prompt and is not part of the command itself. "#" indicates a command issued as root while "$" indicates a command issued as a normal user. Note...

Register Now
Search

Unformatted Document Excerpt

Coursehero >> Oregon >> Oregon >> DAY 3

Course Hero has millions of student submitted documents similar to the one
below including study guides, practice problems, reference materials, practice exams, textbook help and tutor support.

Course Hero has millions of student submitted documents similar to the one below including study guides, practice problems, reference materials, practice exams, textbook help and tutor support.
Nessus Exercises: Install and use under FreeBSD: ccTLD Workshop September 14, 2005 The Nessus website is http://www.nessus.org/ Note: The "#" and "$" characters before commands represents your system prompt and is not part of the command itself. "#" indicates a command issued as root while "$" indicates a command issued as a normal user. Note 2: If you install software, update your environment as root and the change is not immediately available try typing rehash at the root shell prompt. This is only necessary when running a C shell (e.g., like /bin/csh). Nessus installation using ports You need to be root to do this. If you install the Nessus package youll find that it doesnt come with a GUI. You want a GUI with Nessus, so we instal from ports. The Nessus website has good documentation on setting up Nessus post installation starting here: http://www.nessus.org/demo/index.php?step=1 Now to install do this: # cd /usr/ports/security/nessus # make install Nessus will compile for quite some time. While its doing this well take this chance to talk about what Nessus does and, possibly show it in action from your instructors machine. Now that the main Nessus program has compiled we still need to compile the plugins for Nessus. We do this separately by typing: # cd /usr/ports/security/nessus-plugins # make install This, also, takes some time. You should see an indication that over 2,000 plugins were compiled! Dont forget to type: # rehash if you are using a C-shell. Before you can run the Nessus daemon you need to make a local ssl certificate. To do this type: # nessus-mkcert You will be presented with several questions to answer. Here are the screens and the responses you should give: ------------------------------------------------------------------------------Creation of the Nessus SSL Certificate ------------------------------------------------------------------------------This script will now ask you the relevant information to create the SSL certificate of Nessus. Note that this information will *NOT* be sent to anybody (everything stays local), but anyone with the ability to connect to yourNessus daemon will be able to retrieve this information. CA certificate life time in days [1460]: RETURN Server certificate life time in days [365]: RETURN Your country (two letter code) [FR]: ke Your state or province name [none]: Your location (e.g. town) [Paris]: Nairobi Your organization [Nessus Users United]: ccTLD Workshop If certficate generation works you should get a screen that looks like this: ------------------------------------------------------------------------------Creation of the Nessus SSL Certificate ------------------------------------------------------------------------------Congratulations. Your server certificate was properly created. /usr/local/etc/nessus/nessusd.conf updated The following files were created : . Certification authority : Certificate = /usr/local/com/CA/cacert.pem Private key = /usr/local/var/CA/cakey.pem . Nessus Server : Certificate = /usr/local/com/CA/servercert.pem Private key = /usr/local/var/CA/serverkey.pem Press [ENTER] to exit Now we need to create a Nessus userid that we can use when connecting to the Nessus server. This userid is separate from any system userid you may have. To do this type: # nessus-adduser Now youll be presented with multiple choices to fill in. Follow the example below to create the Nessus userid ccltd with appropriate network filtering for our local network. Login : cctld Authentication (pass/cert) [pass] : RETURN Login password : Login password (again) : 1 of 2 User rules ---------nessusd has a rules system which allows you to restrict the hosts that sanog has the right to test. For instance, you may want them to be able to scan their own host only. Note the "nnn.nnn.nnn.0" prefix should substituted be with our class IP prefix. The "xx" should be our class allocation, which in this case is a /27. So, our class network is 196.216.0.0/27, and we want to only allow the user ccltd to scan in our network. This looksl ike this: Please see the nessus-adduser(8) man page for the rules syntax Enter the rules for this user, and hit ctrl-D once you are done : (the user can have an empty rules set) accept 196.216.0.0/27 default deny Login : cctld Password : *********** DN : Rules : accept 196.216.0.0/27 default deny Is that ok ? (y/n) [y] user added You could enable Nessus to boot every time you start your machine by adding the following line to your /etc/rc.conf file: nessusd_enable="YES" but, I would recommend against this unless you plan on using this machine heavily as a Nessus scanner. Now you can start the Nessus daemon: # nessusd -D Now as a user other than root connect to the Nessus server on your local machine using the Nessus program: $ nessus & In the opening screen enter in the Nessus Login name you created (not your account name) and password, then press the "Log in" button. At this point you could read in detail about configuring Nessus to be used exactly as you want here: http://www.nessus.org/demo/index.php?step=2 Or, you can follow these quick steps to run an initial scan using Nessus: Press "OK" on the initial SSL dialogue that appears. Press "YES" to accept the local SSL certificate you have generated. By default youll be dumped to the "Plugins" tab screen. And, by default all plugins are enabled. Either make no changes and continue to start scanning, or pick some subset of plugins that you think might be interesting. Do this by pressing "Disable all" and then choosing the plugins you want. A scan with all plugins may take so long that we wont have time to complete it during class. Click on the "Target" tab. In the "Target(s):" box enter in the IP address of the machine to your right. If no one is to your right, then enter in the IP address of the machine to your left. Press the "Start the scan" button. A new window opens. Scanning may take quite some time since we have enabled all plugins. If you had chosen to scan an entire network this can take quit...

Find millions of documents on Course Hero - Study Guides, Lecture Notes, Reference Materials, Practice Exams and more. Course Hero has millions of course specific materials providing students with the best way to expand their education.

Below is a small sample set of documents:

Oregon - JOUR - 2
Oregon - JOUR - 2
Oregon - DAY - 3
Reverse DNSOverview Principles Creating reverse zones Setting up nameservers Reverse delegation proceduresWhat is Reverse DNS? Forward DNS maps names to numbers svc00.apnic.net -> 202.12.28.131 Reverse DNS maps numbers to names 202.12.28
Oregon - DAY - 3
Infrastructure&Separationof ServicesccTLDWorkshopJune2006 Apia,SamoaInfrastructureVerify:Componentsareworking? Backup:What,how,when,where? Restore:Testingyourrestore! Power:Enough,UPS,gracefulshutdown? Physical:Safe?Backupsitelocation?Infrastr
Oregon - DAY - 1
Unixtourexercise1(theshell)ccTLDWorkshopSamoa = Thisexercisetakesyouaroundsomeofthefeaturesoftheshell.Evenif youdon'tneedtousethemallstraightaway,it'sveryusefultobeaware ofthemandtoknowhowtodealwithsomeproblemswhichmayarise. Tryoutalloftheexamplesgiv
Oregon - DAY - 3
SSHLabWewillnowpracticethefollowing concepts:Theuseofknown_hostsfiles SSHconnectionwithpasswordauthentication RSAversion2protocolkeygeneration Publickeycopying Connectingwithprivatekeypassphraseusing keybasedauthentication UsingscpwithRSAkeyauthent
Oregon - DAY - 1
FreeBSDOverviewComparisonwithLinux ccTLDWorkshopJune20,2006 SamoaHerveyAllenSomePracticalMattersWhenweinstallpleaseusetheroot passwordsuppliedinclass. Duringtheworkshoppleasedonotchange therootpassword. Pleasedoaskquestions!Lotsofque
Oregon - DAY - 1
Oregon - PACNOG - 1
Oregon - PACNOG - 2
Oregon - BINGHAMTON - 2006
Program ScheduleThe Human Role in Changing Fluvial Systems37th Binghamton Geomorphology SymposiumaCo-Organizers: L. Allan Jamesa and W. Andrew Marcusb Department of Geography, University of South Carolina, Columbia SC 29208, USA b Department of
Oregon - GEOG - 607
Geog 607: Reshaping the Grande Ronde River: Natural and Social Processes Winter term 2004, Tuesdays 3:00 5:20 pm, 207 Condon Hall Prof. Pat McDowell In this graduate research seminar we will integrate physical and human geography research, focusing
Oregon - GEOG - 607
Geog 607: Seminar River Restoration: Practice and CritiqueWinter 2008, Prof. Patricia McDowell Fridays 9:00-11:50, 206 CondonThe goal of this seminar is to examine critically the enterprise of river restoration, with an emphasis on its scientific
Oregon - GEOG - 410
Geog 4/510: Field Methods for Physical GeographyFall 2008, Prof. Patricia McDowell Friday 13:00-16:50, 206 CondonThe goal of this seminar is to learn how to use common field techniques for physical geography. Mapping features using GPS Using map
Oregon - GEOG - 427
Geog 4/527: Fluvial GeomorphologySpring 2008, Prof. Patricia McDowell MW 14:00-15:20 and some F 12:00-4:50, Knight 41 revised 04/05/08Course content and goals: Four themes: a) processes that shape river channels; b) ecological interactions in the c
Oregon - GEOG - 427
Geog 4/527: Fluvial GeomorphologySpring 2006, Prof. Patricia McDowell UH 16:00-17:20 and F 12:00-4:50, Knight 41Course content and goals: Four themes: a) processes that shape river channels; b) ecological interactions in the channel and riparian zo
Oregon - GEOG - 360
Geog 360: Watershed Science and PolicyWinter 2009; Prof. Patricia McDowell TR 2:00-3:20pm, 41 Knight LibraryCourse content:Physical and ecological processes in rivers and watersheds Water pollutants and water quality, and how the Clean Water Act
Oregon - GEOG - 427
Geog 4/527: Fluvial GeomorphologySpring 2008, Prof. Patricia McDowell MW 14:00-15:20 and some F 12:00-4:50, Knight 41 Preliminary Syllabus v 1.0 Things may change (but change is good)Course content and goals: Four themes: a) processes that shape r
Oregon - GEOG - 427
Friday schedule for GEOG 4/527, spring 2008: Week 1, 4/4: practice surveying on campus, 1:00-3:00pm Week 2, 4/11: cross-sections at Amazon Creek, 1:00-5:00pm Week 3, 4/18: no class Week 4, 4/25: no class Week 5, 5/2: no class Week 6, 5/9: two groups
Oregon - GEOG - 323
Geography 323; April 16, 2008 Prof. D.G. Gavin List of basic terms for biogeography exam #1. These are organized by topic more than by the order they were presented1. Distinctions between historical and ecological biogeography 2. Three extreme views
Oregon - BINGHAMTON - 2006
Second Circular Invitation & Call for Posters:The Human Role in Changing Fluvial Systems37th International Binghamton Geomorphology Symposium (BGS)October 20-22, 2006, Columbia, South Carolina Organizers: L. Allan James, University of South Carol
Oregon - GEOG - 609
CURRICULUM VITAE James E. Meacham Department of Geography, 1251 University of Oregon, Eugene, OR, USA 97403-1251 email: jmeacham@uoregon.edu http:/geography.uoregon.edu/infographics/ voice: 541 346-5788 Fax: 541 346-2067 EDUCATION M.A., Geography, Un
Oregon - GEOG - 607
mean= 137 m Ma^-1
Oregon - GEOG - 620
Navigational Map Reading: Predicting Performance and Identifying Relative Inuence of Map-Related AbilitiesAmy K. LobbenDepartment of Geography, University of OregonMost of us know people who cannot read a map and others who seem to navigate intui
Oregon - GEOG - 620
THE PROFESSIONAL GEOGRAPHERVOLUME 36FEBRUARY 1984NUMBER 1Professfonal Geographer, 36(1), 1984, 1-110 Copyright 1984 by Association of American GeographersON THE HISTORY AND PRESENT CONDITION OF GEOGRAPHY: AN HISTORICAL MATERIALIST MANIFESTO
Oregon - GEOG - 607
% Reprinted from Nature, Vol. 336, No. 6196, pp. 232-234, 17th November, 1988 Macmillan Magazines Ltd., 1988Where do channels begin?David R. Montgomery & William E. Dietrich Department of Geology and Geophysics, University of California, Berkeley
Oregon - GEOG - 620
Oregon - GEOG - 425
Oregon - GEOG - 620
Oregon - GEOG - 425
Oregon - GEOG - 620
Geography 1957-1977: The Augean Period Peter Gould Annals of the Association of American Geographers, Vol. 69, No. 1, Special Issue: Seventy-Five Years of American Geography. (Mar., 1979), pp. 139-151.Stable URL: http:/links.jstor.org/sici?sici=0004
Oregon - GEOG - 607
This is a digital copy of a book that was preserved for generations on library shelves before it was carefully scanned by Google as part of a project to make the worlds books discoverable online. It has survived long enough for the copyright to expir
Oregon - GEOG - 607
Downloaded from geology.gsapubs.org on 28 January 2009GeologyFire and the evolution of steep, soil-mantled landscapesJoshua J. Roering and Molly Gerber Geology 2005;33;349-352 doi:10.1130/G21260.1Email alerting services Subscribe Permission req
Oregon - GEOG - 607
Forest clearing and regional landslidingDavid R. Montgomery Kevin M. Schmidt* Department of Geological Sciences, University of Washington, Seattle, Washington 98195, USA Harvey M. Greenberg William E. Dietrich Department of Geology and Geophysics, U
Oregon - GEOG - 620
Progress in Human Geography 28,6 (2004) pp. 807 814Quantitative methods: past and presentJessie P.H. PoonDepartment of Geography, University at Buffalo-SUNY, Buffalo, New York 14262, USAIIntroductionIn celebrating the 40th anniversary of A
Oregon - GEOG - 607
ArticlesUnderstanding Processes and Downstream Linkages of Headwater SystemsTAKASHI GOMI, ROY C. SIDLE, AND JOHN S. RICHARDSONHeadwater systems, the areas from which water originates within a channel network, are characterized by interactions
Oregon - GEOG - 607
Weathering proles, mass-balance analysis, and rates of solute loss: Linkages between weathering and erosion in a small, steep catchmentSuzanne Prestrud Anderson*Center for Study of Imaging and Dynamics of the Earth, University of California, Santa
Oregon - GEOG - 620
INTERNATIONAL JOURNAL OF CLIMATOLOGY Int. J. Climatol. 24: 665680 (2004) Published online in Wiley InterScience (www.interscience.wiley.com). DOI: 10.1002/joc.1027ON THE ROLE OF STATISTICS IN CLIMATE RESEARCHaFRANCIS W. ZWIERSa, * and HANS VON S
Oregon - AHONGO - 1
Question: Who are the Evangelicals, and what do they want? Subquestions: WHAT DO MOST PEOPLE THINK OF AS EVANGELICALS? [i.e., Moral Majority1, Jerry Falwell, Pat Robertson, Tim LaHaye] [Local figure: Lon Mabon, his Oregon Citizens Alliance. Is this r
Oregon - BJACKSO - 3
Oregon - BJACKSO - 3
Oregon - KJOHNS - 20
KILEE JOHNSONEducation360 Marche Chase Drive, Apt. 184 Eugene, Oregon 97401 (503)338-8829 kjohns20@uoregon.eduBachelor of Arts, Digital Arts, University of Oregon, June 2007 Robert Clark Honors College, Eugene, OR Accumulative GPA: 3.32/4.0Ski
Oregon - ACTG - 352
Oregon - RHERMAN - 1
> > > > / 12 Snare 8 R R R R sim. > > > > 12 Quads / 8 R R R R sim. > > > > 12 Bass / 8 ? ? ? ? ? ? ? ?R R R R sim.Flam Accent Heights> > > > L L L L sim. > > > > L L L L L L L L sim.> >sim. > > ? ? ? ? ? ?
Oregon - P - 2
Figure 1: Dist=Pareto * alpha=2.9100 90 80 percent with shorter uptime 70 60 50 40 30 20 10 0 1beta=0.38 beta=0.76 beta=1.51 beta=3.03 beta=9.1 beta=36.4 beta=13710100 1000 10000 100000 node uptime at simulation end (seconds)1e+06Figure 2
Oregon - P - 2
Metric=Clustering-Coecient * Dist=Pareto * BS=Oracle0.001 0.0008 0.0006 0.0004 0.0002 0 10 100 1000 Median Session Length (seconds) alpha=2.9 alpha=3.1 clustering coefficient 0.001 0.0008 0.0006 0.0004 0.0002 0 10 100 1000 Median Session Length (sec
Oregon - P - 2
clstr-W1(a) 4/+0(b) 4/+2(c) 4/+5(d) 4/+12(e) 4/+16(a) 16/+0(b) 16/+5(c) 16/+8(d) 16/+16(e) 16/+48(a) 27/+0(b) 27/+5(c) 27/+16(d) 27/+27(e) 27/+81
Oregon - P - 2
components-W1(a) 4/+0(b) 4/+2(c) 4/+5(d) 4/+12(e) 4/+16(a) 16/+0(b) 16/+5(c) 16/+8(d) 16/+16(e) 16/+48(a) 27/+0(b) 27/+5(c) 27/+16(d) 27/+27(e) 27/+81
Oregon - P - 2
connections-W0(a) 4/+0(b) 4/+2(c) 4/+5(d) 4/+12(e) 4/+16(a) 16/+0(b) 16/+5(c) 16/+8(d) 16/+16(e) 16/+48(a) 27/+0(b) 27/+5(c) 27/+16(d) 27/+27(e) 27/+81
Oregon - P - 2
degree distribution Weibull distributions bsmech=2, approx. 80 second median session length(a) 4/+0(b) 4/+2(c) 4/+5(d) 4/+12(e) 4/+16(a) 16/+0(b) 16/+5(c) 16/+8(d) 16/+16(e) 16/+48(a) 27/+0(b) 27/+5(c) 27/+16(d) 27/+27(e
Oregon - P - 2
connections-W2(a) 4/+0(b) 4/+2(c) 4/+5(d) 4/+12(e) 4/+16(a) 16/+0(b) 16/+5(c) 16/+8(d) 16/+16(e) 16/+48(a) 27/+0(b) 27/+5(c) 27/+16(d) 27/+27(e) 27/+81
Oregon - P - 2
clstr-p2(a) 4/+0(b) 4/+2(c) 4/+5(d) 4/+12(e) 4/+16(a) 16/+0(b) 16/+5(c) 16/+8(d) 16/+16(e) 16/+48(a) 27/+0(b) 27/+5(c) 27/+16(d) 27/+27(e) 27/+81
Oregon - P - 2
clstr-p1(a) 4/+0(b) 4/+2(c) 4/+5(d) 4/+12(e) 4/+16(a) 16/+0(b) 16/+5(c) 16/+8(d) 16/+16(e) 16/+48(a) 27/+0(b) 27/+5(c) 27/+16(d) 27/+27(e) 27/+81
Oregon - P - 2
path-p1(a) 4/+0(b) 4/+2(c) 4/+5(d) 4/+12(e) 4/+16(a) 16/+0(b) 16/+5(c) 16/+8(d) 16/+16(e) 16/+48(a) 27/+0(b) 27/+5(c) 27/+16(d) 27/+27(e) 27/+81
Oregon - P - 2
connections-p1(a) 4/+0(b) 4/+2(c) 4/+5(d) 4/+12(e) 4/+16(a) 16/+0(b) 16/+5(c) 16/+8(d) 16/+16(e) 16/+48(a) 27/+0(b) 27/+5(c) 27/+16(d) 27/+27(e) 27/+81
Oregon - P - 2
degree distribution power law distributions bsmech=2, approx. 960 second median session length(a) 4/+0(b) 4/+2(c) 4/+5(d) 4/+12(e) 4/+16(a) 16/+0(b) 16/+5(c) 16/+8(d) 16/+16(e) 16/+48(a) 27/+0(b) 27/+5(c) 27/+16(d) 27/+27
Oregon - P - 2
components-W0(a) 4/+0(b) 4/+2(c) 4/+5(d) 4/+12(e) 4/+16(a) 16/+0(b) 16/+5(c) 16/+8(d) 16/+16(e) 16/+48(a) 27/+0(b) 27/+5(c) 27/+16(d) 27/+27(e) 27/+81
Oregon - P - 2
path-p2(a) 4/+0(b) 4/+2(c) 4/+5(d) 4/+12(e) 4/+16(a) 16/+0(b) 16/+5(c) 16/+8(d) 16/+16(e) 16/+48(a) 27/+0(b) 27/+5(c) 27/+16(d) 27/+27(e) 27/+81
Oregon - P - 2
clstr-W2(a) 4/+0(b) 4/+2(c) 4/+5(d) 4/+12(e) 4/+16(a) 16/+0(b) 16/+5(c) 16/+8(d) 16/+16(e) 16/+48(a) 27/+0(b) 27/+5(c) 27/+16(d) 27/+27(e) 27/+81