Nessus Build and Installation Problems 3 May, 2000 Nick Metrowsky Introduction The following are problems discovered in building and running nessus on Digital UNIX V4.0f. Building Nessus General The "make" utility that comes with any variant of Digital UNIX V4.0, does not work properly in building of nessus. To save time, and a great deal of grief, it would be a good idea to obtain, build and install GNU's make Utility. It is available from ftp://ftp.gnu.org/pub/make". Also, Digital UNIX's C compiler will not build parts of nessus. In many cases, the compiles just fail (see libnasl where Digital UNIX's C compiler does prove to be useful). Again, obtain GNU's gcc compiler from ftp://ftp.gnu.org/pub/gcc". nessus-libraries In the build of libpeks, the Makefile defines two variables for the objects from "gmp202": GMPOBJ and GMPOBJS. Object information for "gmp202" is defined in GMPOBJS and GMPOBJ is left blank. However, the variable GMPOBJ is used in linking "gmp202" into linpeks. This results in undefined library objects for "mpz_*". Workaround, copy the information for the GMPOBJS definition into the blank GMPOBJ definition, in "nessus-libraries/libpeks/Makefile". Before running the make of "nessus-libraries". libnasl Before continuing, make sure the path the the nessus libraries are in your "LD_LIBRARY_PATH" and that the path to the nessus binaries are in your default "PATH", else "configure" will not work. libnasl proved to be the most problematic part of building nessus, in so far that for some unknown reasons several modules would not compile under gcc, but would compile under Digital UNIX's C compiler. In all cases, the affected modules were complaining about "ip_v", "ip_hl" and other variants of the "ip" structure obtained from "/usr/include/netinet/ip.h". The Digital UNIX C compiler was able to dead with this, but gcc would display and error message stating the "ip_v", "ip_hl", et. al. were not defined in structure "ip". The affected modules are: udp.c, tcp.c, nessus-extensions.c, pcap_next.c, ip.c, icmp.c, and igmp.c The workaround, was to modify "nasl.tmpl" and change "CC=gcc" to "CC=cc", for each of the problem modules, run the make command, cancel the make, change "nasl.tmpl" to use gcc, and issue the make command to continue. In the end, libnasl was successfully built. nessus-core Fortunately, this was the easiest portion of nessus to build. Unfortunately, there was one minor problem with this section; "nasl.h" was needed in "nessus-core/include". Copying of "nasl.h" from "libnasl/include" to "nessus-core/include" took care of any problems. nessus-plugins There were two problems with nessus-plugins and they both involved the build of the "c" modules. First, a minor modification was needed to nessus_plugins/plugins/install_plug I had to change: if [ -f .libs/lib$1.so.0 ];then test -d $2/bin/ || mkdir $2/bin/ cp .libs/lib$1.so.0 $2/bin/$1.nes cp .libs/lib$1.so.0 $1.nes else if [ -f .libs/lib$1.so.0.0 ];then test -d $2/bin|| mkdir $2/bin cp .libs/lib$1.so.0.0 $2/bin/$1.nes cp .libs/lib$1.so.0.0 $1.nes fi fi to: if [ -f .libs/lib$1.so.0 ];then test -d $2/bin/ || mkdir $2/bin/ cp .libs/lib$1.so.0 $2/bin/$1.nes cp .libs/lib$1.so.0 $1.nes fi if [ -f .libs/lib$1.so.0.0 ];then test -d $2/bin|| mkdir $2/bin cp .libs/lib$1.so.0.0 $2/bin/$1.nes cp .libs/lib$1.so.0.0 $1.nes fi if [ -f .libs/lib$1.so.0.0.0 ];then test -d $2/bin|| mkdir $2/bin cp .libs/lib$1.so.0.0.0 $2/bin/$1.nes cp .libs/lib$1.so.0.0.0 $1.nes fi else, the ".nes" files would not be built. Also, the problem mentioned earlier with building "libnasl", also affected the build of a couple of the modules. They would not build using gcc, but would with Digital UNIX C. The affected modules were: queso and smad. The workaround, was to modify "nessus.tmpl" and change "CC=gcc" to "CC=cc", for each of the problem modules, run the make command, cancel the make, change "nessus.tmpl" to use gcc, and issue the make command to continue. One last problem, objectserver could not be built, because a couple variables were not available in Digital UNIX include files. Running The main problem with nessus, is that that a message of the following format is generated whenever nessusd or nasl program is started or accessed: Unaligned access pid=24111 va=0x140006a8c pc=0x3ffbffedf9c ra=0x3ffbffec8c8 inst=0xa6010000 nasl, generates about 35 lines of messages containing different addresses for "va", "pc", "ra" and "inst". nessusd, generates 4 lines of messages, similar to above each time it attempts to load all the plugins into memory. It takes about 5 minutes for nessusd to complete the startup. Even though the messages are generated, the nasl and nessusd seem to be working fine. Other problems: 1. When generating the HTML report containing pie charts, and saving the output, the nessus program terminates abruptly with floating point error. (** FIXED NOW - rd, 07/27/2000 **) 2. Any of the scan options selected on the "Scan Options" Menu Page, causes nessus to terminate the scan. If none of the options are selected, then nessus will perform the security checks only. 3. It takes a great deal of time and CPU resources to login (about 2 to 3 minutes on a DEC 3000/300Xl 150 mhz Alpha system).