logo © 1996 Phil Waclawski
Felitaur Site
Offerings
About Me
Crafts
Services
ftp files
Help Files
What's New?
Home Page
Other Links
Anatomy &
Physiology
Arthropods
Biology
Computers
Ferrets
Fun Links
Internet
Linux
S.C.A.
Win 95/NT
Comments or
Suggestions
webmaster@ felitaur.com
   
Security Section 2
BRING IT ON!
[Linux System Administration Homepage]
Overview
  • Nessus server and client
  • /proc/sys/net settings
Goals:
  • Use nessus to scan and attack your own system, and a fellow students.

    NOTE YOU WILL NOT RANDOMLY USE NESSUS WITHOUT GETTING PERMISSION OF THE INSTRUCTOR FIRST! ANYONE USING THIS SOFTWARE TO ATTACK ANY SYSTEM OUTSIDE OF THE CLASSROOM WILL HAVE DISCIPLINARY ACTION TAKEN AGAINST THEM!!!!

  • Understanding of settings in /proc/sys/net
Files/directories covered:

Commands:
nessusd -D
nessus
/proc
/usr/src/linux-2.xxxxxx/Documentation/filesystems/proc.txt
nmap and nmapfe
Questions
  • What types of tests does Nessus do?
  • Why is Nessus considered to be good and bad?
  • What do your firewall, portsentry and snort logs tell you from these scans? (/var/log/messages and /var/log/snort/alerts)
  • What does a proxy server do for you? Does it offer added security? How?
  • What types of things can you set in /proc that affect security?
Activites
  • CAREFULLY LISTEN TO YOUR INSTRUCTOR FOR THE FOLLOWING
  • Make sure you have installed the gtk+ and sharutils rpms
  • You have to register now to get the Nessus rpm
  • Install Nessus server and client
    Install/config and use demo from Nessus.org
  • Configure Nessus server
  • Use client to scan your own system
  • Use client to scan one of the students Linux systems
References
This page last updated on: