Nessus: Migration

NESSUS MIGRATION

When migrating Nessus from one machine to another, please make sure that the versions are same - at least the major version should be the same. 


In Nessus, the bit version (32bit or 64 bit) will not affect

Step One: Backup

On Windows:
1.      Install Nessus on the new drive or host.
2.      Do not run any scans or create any policies with the new copy of Nessus. Stop your Nessus
3.      Copy OLD_DRIVE:\\Program files\\Tenable\\Nessus\\nessus\\master.key to CURRENT_DRIVE:\\Program Files\\Tenable\\Nessus\\nessus\\master.key
4.      Copy OLD_DRIVE:\\Program files\\Tenable\\Nessus\\nessus\\users to CURRENT_DRIVE:\\Program Files\\Tenable\\Nessus\\nessus\\users
5.      Copy OLD_DRIVE:\\Program files\\Tenable\\Nessus\\nessus\\policies.db to CURRENT_DRIVE:\\Program Files\\Tenable\\Nessus\\nessus\\policies.db
6.      Start Nessus on the new system.
      Note: The path is C:\Documents and Settings\All Users\Application Data\Tenable\Nessus\nessus for WindowsXP users and programdata for windows vista/7 users
On *nix:
1.      Install Nessus on the new drive or host.
2.      Do not run any scans or create any policies with the new copy of Nessus. Stop your Nessus
3.      Copy OLD_DRIVE /opt/nessus/var/nessus/master.key to CURRENT_DRIVE /opt/nessus/var/nessus/master.key
4.      Copy OLD_DRIVE /opt/nessus/var/nessus/users to CURRENT_DRIVE /opt/nessus/var/nessus/users
5.      Copy OLD_DRIVE /opt/nessus/var/nessus/policies.db to CURRENT_DRIVE /opt/nessus/var/nessus/policies.db
6.      Start Nessus on the new system.
On Mac OS X:
1.      Install Nessus on the new drive or host.
2.      Do not run any scans or create any policies with the new copy of Nessus.
3.      Copy OLD_DRIVE /Library/Nessus/run/var/nessus/master.key to CURRENT_DRIVE /Library/Nessus/run/var/nessus/master.key
4.      Copy OLD_DRIVE /Library/Nessus/run/var/nessus/users to CURRENT_DRIVE /Library/Nessus/run/var/nessus/users
5.      Copy OLD_DRIVE /Library/Nessus/run/var/nessus/policies.db to CURRENT_DRIVE /Library/Nessus/run/var/nessus/policies.db
6.      Start Nessus on the new system.

Step Two: Reset the Activation code through portal

To reset your code you will need to log into the Support portal ( https://support.tenable.com ) then select Activation Codes then select the ‘+’ symbol beside “Nessus after the section is expanded select the feed you want reset and then click on the X next to the code to reset it. Reset codes have a 10 day waiting period before you can reset your code again. You can use the code immediately after it is reset.

Please be aware that our plugin download ip address is: 4.59.136.208 and, you may need to update your firewall rules to allow plugin downloads over port 443 for that IP address.

Three: reset the code in Nessus through command line

You can use the following to activate your Nessus. First you will need to reset the code on the support portal before running the commands listed below.


Unix Systems: (login as root user)

# service nessusd stop
# /opt/nessus/sbin/nessus-fix --reset

Set your proxy if you have one (if not skip these steps): Please note that nessus-fetch.db is needed for the proxy set up and this file will not exist in a fresh installation until the plugins get updated.

nessus-fix --secure --set proxy=%IP or Hostname of Proxy% 
nessus-fix --secure --set proxy_port=%Port of Proxy% 
nessus-fix --secure --set proxy_username=%Username of Proxy% 
nessus-fix --secure --set proxy_password=%Password of Proxy%

Register your code:
# /opt/nessus/bin/nessus-fetch --register ACTIVATIONCODE
# /opt/nessus/sbin/nessusd -R
# service nessusd start

Please replace the ACTIVATIONCODE with your own one

Windows system: ( you will need to run CMD as administrator) 

NET STOP “Tenable Nessus”
“\Program Files”\Tenable\Nessus\nessus-fix --reset

Register your code:
“\Program Files”\Tenable\Nessus\nessus-fetch --register ACTIVATIONCODE
“\Program Files”\Tenable\Nessus\nessusd –R
NET START “Tenable Nessus”

Please replace the ACTIVATIONCODE with your own one

Mac OSX system: 

# launchctl unload -w /Library/LaunchDaemons/com.tenablesecurity.nessusd.plist
# /Library/Nessus/run/sbin/nessus-fix --reset

Register your code:
# /Library/Nessus/run/bin/nessus-fetch --register ACTIVATIONCODE
# /Library/Nessus/run/sbin/nessusd -R
# launchctl load -w /Library/LaunchDaemons/com.tenablesecurity.nessusd.plist

Please replace the ACTIVATIONCODE with your own. 

No comments:

Powered by Blogger.