In today’s guide, we’ll discuss the process of Installing Nessus on Ubuntu 22.04/20.04/18.04. Nessus is a proprietary vulnerability assessment tool that works for Mobile and Web applications deployed on Premise or in a cloud environment.
Nessus gives you malware detection, scanning of embedded devices, configurations auditing, control systems auditing and compliance checks among other features. Installing Nessus Scanner on Ubuntu is the first step to securing and hardening your Infrastructure and Applications from the “bad guys”.
With Nessus, you can audit the following environments:
- Network devices: firewalls/routers/switches (Juniper, Check Point, Cisco, Palo Alto Networks), printers, storage
- Virtualization: VMware ESX, ESXi, vSphere, vCenter, Hyper-V, and Citrix Xen Server
- Operating systems: Windows, Mac, Linux, Solaris, BSD, Cisco iOS, IBM iSeries
- Databases: Oracle, SQL Server, MySQL, DB2, Informix/DRDA, PostgreSQL, MongoDB
- Web applications: Web servers, web services, OWASP vulnerabilities
- Cloud: Scans cloud applications and instances like Salesforce and AWS
- Compliance: Helps meet government, regulatory and corporate requirements
- Meets PCI DSS requirements through configuration auditing, web application scanning
Install Nessus Scanner on Ubuntu 22.04|20.04|18.04
Nessus Scanner packages are available on Nessus Downloads page. Confirm the latest Nessus Debian package release before downloading it.
As of this article writing, the available release is Nessus - 10.x . This is what we’ll download and install.
Step 1: Install Nessus Scanner
Download latest release for Ubuntu:
sudo apt update && sudo apt install curl -y
wget https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-10.7.2-ubuntu1404_amd64.debFor Ubuntu , the package name I’m using is:
Nessus-*-ubuntu1404_amd64.debInstall it by running:
sudo apt install -f ./Nessus-*-ubuntu1404_amd64.debStep 2: Start and enable nessusd service
Start nessusd service:
sudo systemctl start nessusdThen enable the service to start on boot:
$ sudo systemctl enable nessusd.service
nessusd.service is not a native service, redirecting to systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable nessusdConfirm service status using:
$ systemctl status nessusd.service
● nessusd.service - The Nessus Vulnerability Scanner
Loaded: loaded (/lib/systemd/system/nessusd.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2024-04-17 18:28:11 UTC; 9s ago
Main PID: 5329 (nessus-service)
Tasks: 14 (limit: 4537)
Memory: 39.6M
CPU: 12.964s
CGroup: /system.slice/nessusd.service
├─5329 /opt/nessus/sbin/nessus-service -q
└─5330 nessusd -qNessus daemon binds to TCP port 8834.
Make sure this port is allowed on firewall if UFW is running:
sudo ufw allow 8834/tcpStep 3: Configuring Nessus Vulnerability scanner
Visit your Nessus web interface on https://[IP Address|Hostname]:8834 to finish Nessus installation and activation. Create Nessus Administrator Account on the first page.
Before you can use Nessus, you’ll have to obtain an activation code on https://www.tenable.com/products/nessus/activation-code.
For testing purposes, you can go with the “Nessus Home” license.
The License key will be sent to you on email used for signup. Register your Nessus Scanner with emailed activation code.
The Initializing process should start.
Be informed that this could take some time as Nessus download Plugins and prepare the files needed to scan your assets. When done, login with created admin account.
Nessus default page on login should look similar to below.
You should now have Nessus Scanner installed and configured on Ubuntu. Our next articles will cover usage of Nessus for scanning different assets in your Infrastructure.
Security related books to read:
Check more guides related to security.
- Install Metasploit Framework on Kali Linux
- How To Start Metasploit Framework on Kali Linux
- Automatically Clean Unused Temporary files in Linux
