linux_300

Topology diagram
Nessus's special architecture lets the client side make full use of its powerful features.

Overview of Nessus features
1. Distinguishes between different event types
2. Architecture that separates the scanning core from the vulnerability-detection plugins
3. NASL extension language (supplementary material is listed at the end)
4. Client-server architecture
5. Tests multiple computers at the same time
6. Smart port recognition

Starting the installation
First, create an account on SUSE Studio, then create your own software build.
Choose the base you want (a newer version is recommended).
Next, click Software to install the required packages. There are five main packages:
First is yast
Next is apache
Then mysql
Next php5
Finally networkmanager
The ping command also needs to be added: copy it from a system that has the package to the one that does not.

Installing the main program
First go to the official Nessus website.
Choose the Linux version (SUSE).
After the download finishes, go back to Software in SUSE Studio and upload the Nessus main program.
Then configure the environment.
Finally, build your own version.
Go to the official Nessus website to request an activation code for the plugins.
Click through, then click Next.
Check your mailbox for the activation code.

Next, on the server machine (the software build just created), create a user with admin privileges.
Enter:

    /opt/nessus/sbin/nessus-adduser

Then register the activation code received by e-mail:

    /opt/nessus/bin/nessus-fetch --register <activation code>

Then start the Nessus server:

    /opt/nessus/sbin/nessus-service -D

When "All plugins loaded" appears, it has succeeded.

Scanning for vulnerabilities with Nessus
On the client, use Firefox to open the Nessus server's IP address; the port number is 8834.
In my case: https://10.120.100.2:8834
After entering, you will see the main screen.
To create a policy, go to Policies and click Add.
Continue through the next three screens, then the final one.
Next, launch the vulnerability scan.
The vulnerability scan then starts running.

When it finishes, go to Reports to view the results (here I use a different report to demonstrate the feature).
Select the report you want to view, then click the IP address that is insecure or shows anomalies.
Check the ports that have problems.
You can see high-risk, medium-risk and low-risk findings, each addressed by a different plugin.
Then choose how you want the report presented.
Here I chose to display it as a web page.
The report begins with an overview of everything; scroll down to view specific information.
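
Added example, not part of the original slides: when the report is exported in the .nessus (v2) XML format instead of the web page view, the same per-host, per-port severity triage can be scripted. The sample report, its documentation-range addresses and plugin IDs 900001-900003 are constructed; only plugin 12217 comes from this page.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Severity codes used in the .nessus v2 "severity" attribute.
SEVERITY = {0: "info", 1: "low", 2: "medium", 3: "high", 4: "critical"}

# Constructed sample (not real scan output). Hosts use documentation addresses;
# plugin IDs 900001-900003 are made up, 12217 is the one discussed on this page.
SAMPLE = """<NessusClientData_v2><Report name="constructed">
<ReportHost name="192.0.2.10">
 <ReportItem port="53" protocol="udp" svc_name="dns" severity="2" pluginID="12217"
  pluginName="DNS Server Cache Snooping Remote Information Disclosure"/>
 <ReportItem port="0" protocol="tcp" svc_name="general" severity="0"
  pluginID="900001" pluginName="Constructed informational item"/>
</ReportHost>
<ReportHost name="192.0.2.20">
 <ReportItem port="22" protocol="tcp" svc_name="ssh" severity="1"
  pluginID="900003" pluginName="Constructed low finding"/>
 <ReportItem port="80" protocol="tcp" svc_name="www" severity="3"
  pluginID="900002" pluginName="Constructed high finding"/>
</ReportHost>
</Report></NessusClientData_v2>"""

def findings(xml_text, min_severity=1):
    """List (severity, host, port, protocol, plugin_id, name), worst first."""
    # Parse only reports from your own scanner here; use defusedxml for files
    # that come from anywhere else.
    rows = []
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            sev = int(item.get("severity", "0"))
            if sev >= min_severity:
                rows.append((sev, host.get("name"), int(item.get("port", "0")),
                             item.get("protocol"), item.get("pluginID"),
                             item.get("pluginName")))
    return sorted(rows, key=lambda r: (-r[0], r[1], r[2]))

def per_host_counts(xml_text, min_severity=1):
    """Count findings per host and severity name."""
    counts = {}
    for sev, host, *_ in findings(xml_text, min_severity):
        counts.setdefault(host, Counter())[SEVERITY.get(sev, str(sev))] += 1
    return counts

if __name__ == "__main__":
    for sev, host, port, proto, pid, name in findings(SAMPLE):
        print(f"{SEVERITY.get(sev, sev):8} {host}:{port}/{proto} plugin {pid} {name}")
    print(per_host_counts(SAMPLE))
```
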

Lessons learned & sharing
Q: Running yast -i gives "couldn't load plug-in ncurses_pkg"
A: Go to Software and install the following packages

Q: DNS Server Cache Snooping Remote Information Disclosure
A: It belongs to the DNS group.
The plugin ID that addresses it is 12217.
It is a problem with a remote DNS server.
Using other DNS software resolves it.
For a more detailed solution, see
http://www.rootsecure.net/content/downloads/pdf/dns_cache_snooping.pdf

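When I first heard that I had to set up Linux in the cloud, I was daunted, but after getting to know SUSE Studio it gradually turned out to be less difficult than I had imagined. The hardest part was knowing which packages to install and which ones to add when a package was missing, so being able to interpret the messages became very important.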

Supplement
Basic NASL syntax:
http://life.iiietc.ncu.edu.tw/xms/index.php?reload=1&favoriteMode=1&view=content/show.php%3Fid%3D29770

Advanced NASL
NASL network-related functions
A socket uses TCP or UDP to communicate with another host, sending data to a particular port on that host over a particular protocol.

Opening a socket
Example:

    # Open a socket on TCP port 80 :
    soc1 = open_sock_tcp(80);
    # Open a socket on UDP port 123 :
    soc2 = open_sock_udp(123);

The open_sock functions will return 0 if the connection could not be established on the remote host. Usually, open_sock_udp() will never fail, since there is no way to determine whether the remote UDP port is open or not, whereas the open_sock_tcp() function will return 0 if the remote port is closed.

A trivial TCP port scanner would be like this :

    start = prompt("First port to scan ? ");
    end = prompt("Last port to scan ? ");
    # <= so that the last port entered is tested as well
    for(i=start;i<=end;i=i+1)
    {
      # open_sock_tcp() returns 0 when the port is closed
      soc = open_sock_tcp(i);
      if(soc) {
        display("Port ", i, " is open\n");
        close(soc);
      }
    }

Closing a socket
The close() function is used to close a socket.