How to install & Configure Nessus on Ubuntu 20.04

In this tutorial, we will learn, the steps to install and configure the Nessus scanner on Ubuntu 20.04 LTS server to scan vulnerabilities. 

Nessus is a modularly expandable vulnerability scanner that examines various operating systems and servers for a large number of security holes. The reports can be output in various formats. Nessus uses plug-ins written in the NASL scripting language. The suite is client-server-oriented, the scan engine can be operated from any remote system with a separate GUI.

It is available in both premium and free versions, the free one has a limitation of 16 IPs scanning. Thus, Nessus free edition is ideal for personal usage, a small startup, educators, and individuals starting their careers in Cyber Security.

To activate it, however, a valid email address is required. Professional users must purchase a license that costs $ $2,990 for 1 year.

Install Nessus Scanner on Ubuntu 20.04 LTS server

The steps given here will be the same for Ubuntu 14.04/18.04/19.10, Kali Linux and Debian Linux as well…

1. Download Nessus Scanner Deb package

Tenable offers the Nessus scanner via Deb binary, which the user needs to download from its official website to install it. So, visit the Nessus Download page and scroll to find your Linux operating system and its corresponding version.

Download Nessus for Ubuntu 20.04 Linux.

 

2. Command to Install Nessus on Ubuntu 20.04

We already have downloaded the Debian binary to set up Nessus on Linux, now whatever we download from the browser goes into the Downloads folder, so switch to that first.

cd Downloads

Now, use the APT package to install the file.

sudo apt install ./Nessus*_amd64.deb

 

3. Enable & Start Scanner services

Once the installation is completed, let’s enable its service to run automatically with Ubuntu boot, and also start the same for the current session.

sudo systemctl enable --now nessusd

To check the status, type-

sudo systemctl status nessusd

To exit- press Ctrl + C

Start Nessus Scanner Services on Ubuntu 20.04

 

4. Allow Nessus Port through the firewall

The Nessus runs on port number 8834, thus to access its web interface remotely using the browser, we need to open this port in our Ubuntu 20.04 firewall.

sudo ufw allow 8834

 

5. Access Web Interface

Now, open a browser on a system that can access the Ip-address of the server where you have installed the Nessus scanner instance. And point to that along with a port number.

example–  https://server-ip-address:8834

Replace server-ip-address with the real IP of your Ubuntu 20.04.

Note: don’t use HTTP otherwise you will have an error:

Bad Request

Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead, please use the HTTPS scheme to access this URL.

If you get an SSL certificate error then click on Advance and proceed unsafely.

 

6. Choose how you want to deploy Nessus – setup on Ubuntu 20.04

The initial web page of the Nessus will ask you to select the product which you want to install. Here, the first product option you get is free to use where the rest are paid but available with a trial period.

Nessus Essentials – The free version for educators, students, and hobbyists
Nessus Professional– The de-facto industry standard vulnerability assessment solution of security practitioners.
Nessus Manager – The enterprise solution for managing Nessus Agent at scale.
Managed Scanner – Link your scanner to another Tenable solution such as Tenable.io and Tenable.sc.

 

Nessus product selection essentials and proffesional

 

7. Get Activation code

Enter your email address and other details to get the activation code, so that we can activate the product to use it further. The best way to get the code is to visit the Registration page, register for a Professional or free version to get Activation one.

After that click on the Skip button and add the code you got on your email.

Get the NEssus activation code

 

 

8. Create User

When the system asks you to create a Nessus Admin user, create that by setting a username and corresponding password. After that, you will have the working Nessus on your system.

Command to Install Nessus Scanner on Ubuntu 20.04 LTS server

 

9. Add NessusCLI command to the system path

By default, to access the Nessus command line, we have to define the whole path for nessuscli tool on our Ubuntu 20.04 system’s terminal. To remove this, we just need to add its CLI tool folder to our system path. Know more about its command line at the official Doc page.

Run the below command in the Ubuntu 20.04 Terminal: 

sudo -i
export PATH=$PATH:/opt/nessus/sbin/
source ~/.bashrc
nessuscli help

Output:

Usage: nessuscli <command> [<options>]
Usage: nessuscli <command> help

Bug Reporting Commands:
bug-report-generator 
bug-report-generator --quiet [--full] [--scrub]

User Commands:
rmuser [username]
chpasswd [username]
adduser [username]
lsuser

Dump Commands:
dump --plugins

Link Commands:
managed link --key=<key> --cloud or --host=<host> --port=<port> [optional parameters]
managed unlink [--force]
managed status

Fetch Commands:
fetch --register <serial>
fetch --register-offline <license.file>
fetch --check
fetch --code-in-use
fetch --challenge
fetch --security-center
fetch --scanner-health-stats

Node Commands:
node link --key=<key> --host=<host> --port=<port>
node unlink
node status

Fix Commands:
fix [--secure] --list
fix [--secure] --set <name=value>
fix [--secure] --get <name>
fix [--secure] --delete <name>
fix --show
fix --show <name>
fix --list-interfaces
fix --reset

Certificate Commands:
import-certs 
mkcert-client 
mkcert [-q]

Backup Tool:
backup --create <backup file filename>
backup --restore <backup file path>

Analyze Commands:
analyze scan <uuid>

Software Update Commands:
update 
update --all
update --plugins-only
update <plugin archive>

 

 

Other Articles:

Install WPScan WordPress Security Scanner on Ubuntu 20.04 LTS
Install latest Linux Kernel on Ubuntu 20.04 Focal Fossa via PPA
MongoDB Compass GUI in Ubuntu 20.04 LTS Linux
How to install Adobe Photoshop CS6 on Ubuntu 20.04
Install Graylog on Ubuntu 20.04 LTS

 

 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.