How to install, configure and use Nessus Vulnerability Scanner on CentOS 8
Nessus is one of the most popular remote vulnerability assessment tools, trusted by more than 30,000 organizations worldwide. Nessus scans the system and raises an alert if it discovers any vulnerabilities that malicious hackers could use to gain access.
Nessus does not actively prevent attacks; it checks for security loopholes present in your infrastructure. It provides detailed system security reports that are very helpful for fixing vulnerabilities and making the server more secure.
Nessus is available in many different versions. In this tutorial, we will install the free version of Nessus, known as Nessus Essentials, which can scan 16 IPs.
Nessus is a cross-platform vulnerability scanner and supports many operating systems, but in this article we will show you how to install Nessus Essentials on CentOS 8.
Prerequisites
A server running CentOS 8.
A root password is configured on your server.
Getting Started
Before starting the installation of Nessus, it is recommended to update your system packages to the latest version. To do so, run the following command:
sudo dnf update -y
Install Nessus
For Nessus Essentials, go to the URL below and click on the download button.
https://www.tenable.com/products/nessus
It will redirect you to https://www.tenable.com/products/nessus/nessus-essentials
Here you need to register for an activation code. You will receive the activation code at your registered email address.
Then download the Nessus package for CentOS 8.
Now upload the Nessus RPM package to the server.
Then run the command below to install the package.
sudo rpm -ivh Nessus-8.13.1-es8.x86_64.rpm
Starting Nessus on CentOS 8
Now run the following commands to start the Nessus service, enable it at startup and check its status:
sudo systemctl start nessusd.service
sudo systemctl enable nessusd.service
sudo systemctl status nessusd.service
At this point the Nessus service is running on its default port, 8834. Before you start the post-installation setup, you need to open that port in your firewall. To do so, run the following commands:
sudo firewall-cmd --zone=public --add-port=8834/tcp --permanent
sudo firewall-cmd --reload
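The install and firewall steps above can be tightened. The shell functions below are an added example (not part of the original tutorial or of Tenable's tooling): they check the uploaded RPM against a SHA-256 digest before installing it and allow port 8834 only from one management network instead of the whole public zone. The function names are hypothetical, the digest is assumed to be copied from the vendor's download page, and 192.0.2.0/24 is a placeholder network.

```shell
#!/usr/bin/env bash
# Added example, not from the tutorial. Assumptions: the expected SHA-256 is
# copied from the vendor's download page; the CIDR is your management network.

# Return 0 only if the file's SHA-256 equals the expected hex digest.
verify_sha256() {
    local file="$1" expected actual
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }
    case "$expected" in
        *[!0-9a-f]*|"") echo "expected digest is not hex" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "digest must be 64 hex chars" >&2; return 2; }
    actual=$(sha256sum -- "$file" | awk '{print $1}')
    [ "$actual" = "$expected" ]
}

# Print a firewalld rich rule allowing 8834/tcp from one IPv4 CIDR only.
# The regex is a shape check; firewalld still validates the address itself.
nessus_rich_rule() {
    local cidr="$1"
    if ! printf '%s' "$cidr" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'; then
        echo "invalid IPv4 CIDR: $cidr" >&2; return 2
    fi
    printf 'rule family="ipv4" source address="%s" port port="8834" protocol="tcp" accept\n' "$cidr"
}

# Verify, install, then expose the web UI to the management network only.
install_nessus_restricted() {
    local rpm_file="$1" expected="$2" admin_cidr="$3" rule
    verify_sha256 "$rpm_file" "$expected" || { echo "checksum mismatch, not installing" >&2; return 1; }
    rule=$(nessus_rich_rule "$admin_cidr") || return 1
    sudo rpm -ivh "$rpm_file" || return 1
    # Drop the open-to-all port rule if the tutorial's command was already run.
    sudo firewall-cmd --zone=public --permanent --remove-port=8834/tcp
    sudo firewall-cmd --zone=public --permanent --add-rich-rule="$rule" &&
        sudo firewall-cmd --reload
}

# Usage (placeholder digest and a documentation-range CIDR):
# install_nessus_restricted Nessus-8.13.1-es8.x86_64.rpm <sha256-from-download-page> 192.0.2.0/24
```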
Now go to your browser and enter your server name or IP along with the default port of Nessus.
https://server_name_or_ip:8834/
Select Nessus Essentials and press the continue button.
Then press the Skip button.
Now register Nessus by entering the activation code that was sent to your registered email.
Next, enter the username and password you want to set for the Nessus login.
At this point, it will take some time to complete the final steps.
At this point, your Nessus installation has completed successfully.
Nessus Management Console:
After successful installation, you will see the login page of Nessus where you will log in with your username and password.
After login, you can see the Nessus Vulnerability Scanner’s dashboard.
From the dashboard, click on the ‘New Scan’ button on the top left of your management console. Here you can see the scanning templates; some of the scanning templates are paid.
In this tutorial, we are going to run a Basic Network Scan.
Here you will be required to define its name and description. After that, select the folder and enter the target host IP address or network range.
On the next tab, configure the credentials of your remote host.
Once the settings are complete, click on the Save button.
Now run the scan by selecting the play option.
After the scan has completed, click on the Vulnerabilities tab to see the list of vulnerabilities found on the remote host.
To get more details on each vulnerability, click on it for detailed information.
Conclusion
In the above tutorial, you learned how to install and use Nessus Vulnerability Scanner. You can explore Nessus Vulnerability Scanner and check for other scanning templates. You can now scan the remote computer for any vulnerability through Nessus Vulnerability Scanner. Feel free to ask me if you have any questions.