Officially, this is unsupported. It may break your appliance, cause Tenable’s tools to stop working, etc. I thought it would be worthwhile to put together another HOWTO, though. I recently got a bit frustrated with the Passive Vulnerability Scanner, and wanted access to the command-line tools. I didn’t want to spend a lot of time setting up and managing yet another operating system and going through Dependency Heck installing RPMs.
I probably don’t need to say this, but keep in mind that installing an SSH server on the appliance is a security risk. The appliance’s package management system is disabled by default and has an empty repository list, so you get no update notice if your SSH server suddenly goes out of style. I recommend following these instructions and only enabling SSH on network interfaces accessible to the VM host.
I recommend deciding which IP address to bind to before starting. The appliance doesn’t come with a text editor, so you’ll have to install one or make creative use of ‘cat’ and ‘sed’ if you decide to change your mind on interfaces later.
First, you’re going to need another Linux VM to do this. I use BackTrack for just about everything. Your instructions may vary slightly from these (probably they’ll be easier). I’m going to assume BT5 + VMWare though. You’ll need BackTrack installed on a system so that you can add an extra package.
You’ll want to attach the Tenable Appliance’s ‘data’ hard disk to your VM. To do this, first shut down the Tenable Appliance from the console. Make sure that it’s off, not suspended. Attach the ‘data’ hard disk to your BT5 VM. Make sure that you choose to not copy the disk, but to use the actual file that the other VM uses.
Boot up BT5. Your bootlog will show that the extra hard disk was identified, but that it has a disklabel that can’t be read. This is because the Tenable Appliance uses LVM (logical volume management, a fancy disk management system for Linux that allows for fancy things like mirroring, disk portability, etc). You won’t be able to mount the disk just yet.
On the BT5 console, install LVM2. ‘apt-get install lvm2’.