Vous êtes sur la page 1sur 7

How to Install and Use Nessus Vulnerability Scanner | LinuxPitStop

1 of 7

http://linuxpitstop.com/nessus-vulnerability-scanner-on-centos-7-and-...

LinuxPitStop
Linux Tips, Techniques, HowTo's & Open Source News

Linux HowTos

Linux Distros

Linux & Open Source News

About US

Privacy Policy

How to install, configure and use


Nessus Vulnerability Scanner on
CentOS 7 and Ubuntu
15.10/15.04
April 15, 2016 by Kashif

Hello friends, if you are an administrator in charge of any computer (or group of computers)

Follow Us

Get Linuxpitstop
articles by Email

connected to the Internet, then Nessus is a great tool to help keep your domains free from
the vulnerabilities that hackers and viruses commonly look to exploit. It is not a complete
security solution, rather it is one small part of a good security strategy.

Email *

Nessus is an Open Source remote security scanning tool, which scans a computer and raises an
alert if it discovers any vulnerabilities that malicious hackers could use to gain access to any
computer you have connected to a network. It does this by running over 1200 checks on a

Subscribe

given computer, testing to see if any of these attacks could be used to break into the
computer or otherwise harm it.

Prerequisites:
In this article we are going to show you installation, configuration and usage of Nessus
Vulnerability Scanner on CentOS 7 and Ubuntu 15.10/15.04 . The installation is very fast and
easy that dont need you to be a Linux expert to install Nessus. Lets connect to your server

Our popular posts


Install Eclipse IDE on
Ubuntu Linux 15.04

using root user credentials and run below commands to update your system.
For CentOS 7:
# yum -y update
For Ubuntu 15:
# apt-get -y update

Download Nessus:

Install Microsoft Office


2010 using PlayOnLinux On
Ubuntu 15.04

The first thing you will need to do is to Sign up for a Home license of Tenables Nessus and
Download the appropriate installer from this Nessus Resource Page. Once you have
downloaded the installer in rpm format for CentOS 7 and Ddebian for Ubuntu, you will need to
transfer it to your machine if you have not downloaded this directly using wget.

How To Install Kali Linux


Tools On Ubuntu 16 And
CentOS 7

The Nessus package does not have specific requirements to complete installation, so you
should have no issues in simply running the below installer.

08/08/2016 08:35 a.m.

How to Install and Use Nessus Vulnerability Scanner | LinuxPitStop

2 of 7

http://linuxpitstop.com/nessus-vulnerability-scanner-on-centos-7-and-...

Installing on CentOS 7:
Download the required RPM for CentOS 7 and then run below command to install.
# rpm -ivh Nessus-6.6.0-es7.x86_64.rpm

Installing on Ubuntu 15:


Once you have downloaded the .deb package for your Ubuntu 14/15 package, then you will be
able to install Nessus by issuing the below command on your Ubungtu 15 server.
# dpkg -i Nessus-6.6.0-ubuntu1110_amd64.deb

Starting Nessus on CentOS 7


Now run the following commands to start the Nessus service and check its status, that should
be active and as shown.
#systemctl start nessusd.service
#systemctl status nessusd.service

Starting Nessus on Ubuntu 15


Similarly, if you on ubuntu server then run below commands to start Nessus services and
checck its status.
#systemctl start nessusd.service
#systemctl status nessusd.service

08/08/2016 08:35 a.m.

How to Install and Use Nessus Vulnerability Scanner | LinuxPitStop

3 of 7

http://linuxpitstop.com/nessus-vulnerability-scanner-on-centos-7-and-...

To ensure that this service will auto-start when the server is rebooted, you will have enable
this with using following command.
#systemctl enable nessusd.service

Nessus Web Setup:


Now that nessusd is up and running, the final stage before we are being able to browse the
web interface for Nessus is to open up the port in your firewall. This can be done by editing
the iptables file on your server to allow access to port 8834 which is the default HTTPS web
port for Nessus. You allow this port using below commands.
For CentOS 7:
#firewall-cmd --zone=public --add-port=8834/tcp --permanent
#firewall-cmd --reload
For Ubuntu 15:
#ufw allow 8834/tcp
Run the command below to verify.
# ufw status verbose
Lets open open your web browser and flow the IP address or FQDN of your CentOS 7 or
Ubuntu 15 server along with the default port of Nessus.
https://your_server_name_or_ip:8834/

Press continue to perform account setup, register this scanner, and download the latest
plugins.
Account Setup
In order to log in to this scanner, a System Administrator account must be created. This
user has full control of the scannerwith the ability to create/delete users, stop running
scans, and change the scanner configuration.

Since this user can change the scanner configuration, it also has the ability to execute
commands on remote hosts. Therefore, it should be noted that this user has the same
privileges as the root (or administrator) user on remote hosts.
Product Registration:
Tenables research staff releases plugins that enable Nessus to detect their presence. These
plugins contain vulnerability information, algorithms to test for the presence of the issue, and
a set of remediation actions. Registering this scanner will grant you access to download these
plugins.
Lets create your account and you get the code in your email that you have to put here as

08/08/2016 08:35 a.m.

How to Install and Use Nessus Vulnerability Scanner | LinuxPitStop

4 of 7

http://linuxpitstop.com/nessus-vulnerability-scanner-on-centos-7-and-...

shown in the below image and then click on Continue button.

Now wait for a while until Nessus initializing process complete.

Nessus Management Console:


After completing the download and initializing process, you will see the login page of Nessus
where you will login with your previously created user account.

Upon successful credentials, you will be directed to the Nessus Vulnerability scanners
dashboard where you will be able to manage your scan jobs.

Using Nessus Scaner:


Now we are going to setup our first scan with Nessus. Lets click on the New Scan button on
the Top left of your Management console, where you will see multiple scanning templates but
for few of them you will be required to upgrade your license.

08/08/2016 08:35 a.m.

How to Install and Use Nessus Vulnerability Scanner | LinuxPitStop

5 of 7

http://linuxpitstop.com/nessus-vulnerability-scanner-on-centos-7-and-...

Here we are going to choose the Basic Network scan , where you will be required to configure
credentials of your remote host, then define its name and description. After that select the
folder and target host IP address or Network rage. Once the settings are complete, click on
the save button.

Now you can schedule or run the the scan on demand by selecting the play option as shown.

Once the scan is complete, click on the vulnerabilities to expand the list all vulnerabilities
found the remote host.

To get more details about each vulnerability , simply click on that and you will find its
detailed information.

08/08/2016 08:35 a.m.

How to Install and Use Nessus Vulnerability Scanner | LinuxPitStop

6 of 7

http://linuxpitstop.com/nessus-vulnerability-scanner-on-centos-7-and-...

Conclusion:
Nessus is an incredibly useful, including some distinct advantages over other tools in this
genre (including the commercial tools). Now enjoying hunting with Vulnerabilities but dont
forget to leave your valuable comments and suggestions.
Please follow and like us:

Like

Linux HowTo's
How to configure Fully Distributed Hbase cluster on CentOS 7
Install and Configure Openstack Neutrons LBaaS (Load Balancer as a Service) On CentOS 7 (Kilo Release)

5 thoughts on How to install, configure and use Nessus


Vulnerability Scanner on CentOS 7 and Ubuntu 15.10/15.04
Tomas
April 18, 2016 at 10:39 am | Reply

Hi, what are those distinct advantages over other tools in this genre? Id like more input on
this one if at all possible.

Kashif
April 18, 2016 at 8:18 pm | Reply

Hi Tomas,
Nessus is a network vulnerability scanner that allows you to probe network systems for
potential security holes with primary advantage of its price tag over the other scanners,
just because of its base desktop-scanning product is free.
Unlike other scanners, Nessus does not make assumptions about your server configuration
that can cause other scanners to miss real vulnerabilities.
When Nessus detects a vulnerability, it is also most often able to suggest the best way you
can do the remediation of vulnerability.
Thank you.

Tomas
April 19, 2016 at 9:41 am | Reply

As far as I see, the only free version of Nessus is Nessus Home, which is designed for
home use only. So I cannot use it at work Im afraid. While I see a point of having such
version available, its not really a big advantage over other free tools such as w3af or
Arachni which can be used for work.
I did a bit of reading on Nessus and tend to agree with you that Nessus doesnt make
assumptions, which sometimes can be seen as a disadvantage, depending on your care.
It seems to me that Nessus looks for known vulnerabilities of known web applications
along with system services and devices etc. Thats good up to a point where you want
some dynamic analysis.

Heriberto Torrado
April 18, 2016 at 3:48 pm | Reply

08/08/2016 08:35 a.m.

How to Install and Use Nessus Vulnerability Scanner | LinuxPitStop

7 of 7

http://linuxpitstop.com/nessus-vulnerability-scanner-on-centos-7-and-...

Nice post.
Thanks a lot.

Aun
April 18, 2016 at 5:53 pm | Reply

You are welcome!

Leave a Comment

5+

= six

Post Comment

Copyright@LinuxPitstop

08/08/2016 08:35 a.m.