[No Dice]

Would any one be so kind as to give a step by step tutorial for properly starting and running Nessus and Ethereal? Nessus is for scanning my local LAN and I�d like to setup ethereal to sniff traffic on another PC on my LAN. I'd also like to be updated with the latest nessus downloads so if you could add that as well...

Me � 192.168.1.100
BTrk � 192.168.1.101

How do I tell ethereal to sniff 192.168.1.100? I�m just curious to see if it captures my passwords and so on?

Thanks much..

[webdevil]

To sniff 192.168.1.100
you could just type in 'ip.addr eq 192.168.1.100' in the filter bar.
you can sniff almost all ftps,telnet and websites that transmit username/password without encryption i.e unlike Yahoo and Hotmail.
Ofcourse it shouldnt be on a lan using a switch. Then maybe you could poison it ... I mean ARP posioning.

[belgther]

for nessus on backtrack, simply run nessus-start, and you will see a screen asking the server to connect and the username/password. By auditor, the host should be localhost, the username/password is auditor/auditor (if it doesn't work, try backtrack/backtrack). Then choose the plugins to run (suggestion: enable all but dangerous plugins) and start scanning.
To update nessus, simply run nessus-update-plugins or download the latest nessus version (should be 3.0).

[No Dice]

That cleared up any doubts that I had and appreciate the replies.. I�m a typical Windows hero just trying to get by in a Linux world�

[RANGER]

For you to run nessus you have to start the nessus server "nessusd" first, you can also just type nessus and hit the "Tab" button twice and it will show you all the nessus command options there is, Now for sniffing another Ip when it's using switched ports you can use ethereal in a combination with "arpspoof" and "dnsspoof" to grab that traffic.