how to install simpleness 2.0

Last updated: August 21, 2007

These instructions are only for simpleness version 2.0 and greater.

Make sure you have the following things installed (with proper security applied):

Apache (http://www.apache.org)
Nmap (http://www.insecure.org)
MySQL http://www.mysql.com) - Make sure to set a password for the root account. Config help from MySql.com.
Nessus (http://www.nessus.org/)
NessusClient (http://www.nessus.org/)
A mail client that is able to send attachments via the command line. I like mutt (http://www.mutt.org/). But if you have SUSE 10 installed, it comes with nail already installed (http://nail.sourceforge.net/). Nail also allows for sending of attachments via the command line.

Follow the directions as provided by each of the vendors. The Nessus 3.x installation guide can be found here: http://www.nessus.org/documentation/nessus_3.0_installation_guide.pdf.

Basic Nessus install:

#rpm -ivh Nessus-3.0.5-suse10.0.i586.rpm

#/opt/nessus/sbin/nessus-add-first-user

Be sure to remember this username and password. It will be used to log into the NessusClient as well as embedded in the PHP scripts.

#/etc/rc.d/nessusd start

#/opt/nessus/bin/nessus-fetch --register REGCODEHERE

#rpm -ivh NessusClient-1.0.2-suse10.0.i586.rpm

Download the simpleness.tar.gz file and copy to the root of your webserver. It will unzip the files into the proper file structure.

#gunzip < simpleness.tar.gz | tar xvf -

This will unzip the following structure:

audits/

Move the perl scripts to proper locations. The importness.pl script is used to import the Nessus scans into MySQL and the nesupdate.pl script is used to update the nessusrc files on a daily basis. The run_nesjobs.pl script is new to version 2.0 and is used to monitor the database for scheduled Nessus jobs.

#chmod 755 audits/scripts/*.pl

#mv audits/scripts/importness.pl {path to cgi-bin}

#mv audits/scripts/run_nesjobs.pl {path to cgi-bin}

#mv audits/scripts/nesupdate.pl /etc/cron.daily/.

Run NessusClient to create and define the basic .nessusrc file to be used for scanning. I've only found one good way to create the .nessusrc file; by running NessusClient, define all parameters and plugins and then scan at least one device. After disconnecting from the client, the .nessusrc file is created/updated.

Create the first .nessusrc file and design it to handle scanning all Microsoft related servers. When complete, copy the .nessusrc file to .nessusrc.ms.

Pre-NessusClient / Nessus 3.x:

NessusClient / Nessus 3.x and beyond:

cp /root/.nessusrc {www root}/audits/rcfiles/.nessusrc.ms

cp /root/.nessus/<ScopeName>/<TaskName>/ nessusrc {www root}/audits/rcfiles/.nessusrc.ms

Next, create a .nessusrc file and design it to handle scanning all Unix/Linux related servers. When complete, copy the .nessusrc file to .nessusrc.ux.

Pre-NessusClient / Nessus 3.x:

NessusClient / Nessus 3.x and beyond:

cp /root/.nessusrc {www root}/audits/rcfiles/.nessusrc.ux

cp /root/.nessus/<ScopeName>/<TaskName>/ nessusrc {www root}/audits/rcfiles/.nessusrc.ux

The location of the nessusrc files can be anywhere deemed appropriate, just update the vars.php file to point to the appropriate location. Change the permissions on the .nessusrc files so that they can be read.

# chmod 644 {www root}/audits/rcfiles/.nessusrc.*

I have included a copy of George Theall's update-nessusrc script. This script can be used to keep your default nessusrc files up-to-date. You will need to edit the script and enter in the appropriate information for the script to run Nessus. The host, port, user and password parameters are on lines 201-204. When complete, manually update the nessusrc files the first time:

# /etc/cron.daily/nesupdate.pl

If you do an ls -la on the files before and after the update, you should notice a change in filesize.

BEFORE # ls -la audits/rcfiles/

drwxr-xr-x 2 root root 144 Aug 9 09:36 .

drwxr-xr-x 11 root root 1080 Aug 9 09:46 ..

-rw-r--r-- 1 root root 149156 Aug 9 09:50 .nessusrc.ms

-rw-r--r-- 1 root root 149156 Aug 9 09:50 .nessusrc.ux

-rwxr-xr-x 1 root root 32663 Aug 9 09:36 update-nessusrc

AFTER # ls -la audits/rcfiles/

drwxr-xr-x 2 root root 144 Aug 9 09:36 .

drwxr-xr-x 11 root root 1080 Aug 9 09:46 ..

-rw-r--r-- 1 root root 148369 Aug 9 09:53 .nessusrc.ms

-rw-r--r-- 1 root root 147808 Aug 9 09:53 .nessusrc.ux

-rwxr-xr-x 1 root root 32663 Aug 9 09:36 update-nessusrc

Also included with the download are the necessary SQL files to create the databases for storing the Nessus data and the users. The following are the commands to create two new tables, the users to use those tables and the statements to create the tables. The vauth.sql file also imports data and the default users. Note, the current users defined below are the users defined within the PHP config files, if they are changed here, do not forget to change them in the config files. Also, you will need to take note of the user passwords for the config files.

# mysql -u root -pPASSWORD

mysql> create database nessus;

mysql>create database vauth;

mysql>grant select,insert,update,delete on nessus.* to 'nesuser'@'localhost' identified by 'PASSWORD';

mysql>grant select,insert,update,delete on vauth.* to 'vauthuser'@'localhost' identified by 'PASSWORD';

mysql>grant select, lock tables on nessus.* to 'dbbackup'@'localhost' identified by 'PASSWORD';

mysql>grant select, lock tables on vauth.* to 'dbbackup'@'localhost';

mysql>flush privileges;

mysql>exit;

# mysql -u root -pPASSWORD nessus < ./audits/sql/simpleness2.0.sql

# mysql -u root -pPASSWORD vauth < ./audits/sql/vauth.sql

Add a new table to the Nessus database:

#/opt/nessus/bin/nessus -qxpS localhost 1241 nesuser PASSWORD >> ./audits/sql/plugins.sql

Edit plugins.sql and delete first line: "DROP TABLE plugins;"

#mysql -u root -pPASSWORD nessus < ./audits/sql/plugins.sql

Edit the importness.pl and run_nesjobs.pl scripts and change the database connection settings, at a minium define a new password. The add a cron job to allow for scheduling of jobs with simpleness, you can add the following line to your crontab (to run once a minute):

* * * * * /srv/www/cgi-bin/run_nesjobs.pl

Edit audits/includes/vars.php and change all of the appropriate variables, including the username and password to be able to connect to the nessus and vauth databases.

Edit the config.xml file, which is also new to version 2.0. This file is used to pass some initial values to the Flex application. At a minimum, you will need to change the value in the "baseurl" tags. This should be the same value as "$rooturl" in the vars.php file.

The audits/ainfo and audits/users folders need to be modified to allow Apache to write the Nessus reports to the drive and store customer nessusrc files. (For my installs, my "apache user" is "wwwrun".)

#chown {apache user} audits/ainfo

#chown {apache user} audits/users

#chmod 700 audits/ainfo

#chmod 700 audits/users

Make sure to log into front-end and change the passwords for the admin accounts. The default users are admin, nesuser and sa. All of the passwords are defaulted to a password of "password". The nesuser account is an example account of what is needed to log into the web interface and run Nessus. The admin and sa accounts are only for administering users with the vAuthenticate database.

Go to http://yourserver/audits. There will be a login button in the upper-right hand corner.

Done. Everything should be ready to go.

If you have any comments or suggestions, just let me know at: { sawall -[at]- gmail -[dot]- com }.