Inprotect Setup Guide

Ronald W. Henderson

CTO
UNIVERSAL Technologies, LLC

Copyright © 2003 - 2008 Respective Authors

2006-Nov-23

This article takes one through the process of setting up Inprotect (a web based front end to the Nessus network vulnerability scanner) and the associated services using the Web User Interface (WUI) included with the Network Security Toolkit (NST).


Table of Contents

Overview
Goal
Assumptions
Setup
Booting and Connecting to the NST WUI
Finding Inprotect in the NST WUI
Setting Up Nessus
Setting Up MySQL
Setting Up Sendmail
Setting Up Inprotect
Using Inprotect
Logging Into Inprotect
Configuring Inprotect
Scanning Systems with Inprotect
Inprotect Reports
Backing Up and Restoring Inprotect
Conclusion
Summary Of What We've Learned
Where To Go From Here
Bibliography

Setting up a system to perform network vulnerability scans can be a time consuming task. The Network Security Toolkit (NST) greatly simplifies the task of setting up a system to run Inprotect.

Before attempting the procedures outlined in this document, the reader is expected to:

  • Download a compressed ISO image, uncompress it and burn it to a CD (creating a bootable CD). Or, download a ZIP file containing a VMware virtual machine and extract its contents. Links to these downloads can be found at the NST website (http://www.networksecuritytoolkit.org/).

    Note

    You will need version 1.5.0 of the NST (versions after 1.5.0 will probably work as well).

  • Have a basic understanding of using a Linux based system.

  • Have a system capable of booting the NST Live CD, or running the NST Virtual Machine (VMware Server and VMware Player were both free at the time of this writing). This system should be connected to a network with a DHCP server (or one needs to be familiar enough with the NST distribution that they are able configure the network information by hand).

    Note

    If you plan on using a Live CD plan on using a system with at least 512MB of RAM.

    Eventually, if you decide that you would like a permanent solution, we recommend that you perform a hard disk installation of the NST distribution using the nsthdinstall script.

  • Have access to a web browser on a different system which is on the same network (or able to reach) the NST system.

A Permanent Setup

Nessus and Inprotect require a considerable amount of system resources (disk and memory usage). While it is possible to "try" the Nessus and Inprotect setup outlined in this article using a "Live CD" boot of the NST it is not realistic to expect to run from a "Live CD" boot for an extended period of time. A hard disk installation of the NST should be performed when a permanent solution is required. The nsthdinstall command makes the hard disk installation of a NST distribution a relatively simple task.

Note To Windows Users

By using VMware Server, it is possible to do everything in this article on a Windows box without rebooting your system or burning a CD. You'll just need to download the NST Virtual Machine and run it on your Windows system. However, this is only recommended if your system has a least 1GB of RAM.

The following tools were used when creating this article.

NST 1.5.0 (DEVELOPMENT)

A development release of the 1.5.0 NST ISO image was used.

DHCP Server

A DHCP server was running on the network. This simplifies the booting/configuration of the NST (we didn't need to configure network settings by hand).

Dell Inspiron 8200

This laptop was used to run two Operating Systems simultaneously. The host Operating System is Fedora Core 6 and was used to run Firefox and write this article. The NST Virtual Machine was also running under VMware Server. The laptop is from the year 2003, but since it has been upgraded to 1GB of RAM, running the two Operating Systems simultaneously was not too much of an issue.

Sager 8530

This laptop is from 1999 and has 386MB of RAM and a 466MHz Celeron CPU. It was used to test the Inprotect setup after installing the NST distribution to a partition on the hard disk. It was left running Inprotect for a two week period (while writing this article). It faithfully ran its scheduled Nessus scans each night and logged the collected information to the database.

Sun X4600

This is a MONSTER system on loan from Sun™ which we had access to for a few weeks. It is an 8 way SMP box (4 dual core Opteron CPUs running at 2.61GHz) and has 16GB of RAM installed. We did a hard disk install of a custom x86_64 build of the NST onto this beast. We then setup Inprotect as described in this article. This allowed us to verify that these settings would work on a high end system.