How to install, configure and use Nessus Vulnerability Scanner on CentOS 8

Nessus is one of the most popular remote vulnerability assessment tools, trusted by more than 30,000 organizations worldwide. Nessus scans the system and raises an alert if it discovers any vulnerabilities that malicious hackers could use to gain access.

Nessus does not actively prevent attacks; it checks for security loopholes present in your infrastructure. It provides detailed system security reports, which are very helpful for fixing vulnerabilities and making the server more secure.

Nessus is available in several versions. In this tutorial, we will install the free version of Nessus, known as Nessus Essentials, which can scan 16 IPs.

Nessus is a cross-platform vulnerability scanner and supports many operating systems, but in this article we will show you how to install Nessus Essentials on CentOS 8.

Prerequisites

A server running CentOS 8.
A root password is configured on your server.

Getting Started

Before starting the installation of Nessus, it is recommended to update your system packages to the latest version. To do so, run the following command:

sudo dnf update -y

Install Nessus

To get Nessus Essentials, go to the URL below and click the download button.

https://www.tenable.com/products/nessus

It will redirect you to https://www.tenable.com/products/nessus/nessus-essentials

Here you need to register for an activation code. You will receive the activation code at your registered email address.

Then download the Nessus package for CentOS 8.

Download Nessus
Now upload the Nessus RPM package to the server.

Then run the command below to install the package.

sudo rpm -ivh Nessus-8.13.1-es8.x86_64.rpm

Install Nessus as RPM package

Starting Nessus on CentOS 8

Now run the following commands to start the Nessus service, enable it at startup, and check the Nessus service status:

sudo systemctl start nessusd.service

sudo systemctl enable nessusd.service

sudo systemctl status nessusd.service

Start Nessus daemon

At this point, the Nessus service is running on the default port 8834. Before you start the post-installation steps, you need to open that port in your firewall. To do so, run the following commands:

sudo firewall-cmd --zone=public --add-port=8834/tcp --permanent
sudo firewall-cmd --reload
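
The rule above accepts connections to port 8834 from any source in the public zone. As an added example (not part of the original tutorial), the script below builds a firewalld rich rule that accepts the Nessus console port from a single admin network only; the network 203.0.113.0/24 is a constructed placeholder and the function names are assumptions.

```shell
#!/bin/sh
# Added example: scope the Nessus console port to one admin network.
# ADMIN_NET is a constructed documentation range (assumption); use your own.
ADMIN_NET="${ADMIN_NET:-203.0.113.0/24}"
NESSUS_PORT=8834   # default port from the tutorial

# Return 0 only for a well-formed IPv4 CIDR such as 10.1.2.0/24.
valid_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    ip=${1%/*}; prefix=${1#*/}
    case "$prefix" in ''|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case "$ip" in ''|*[!0-9.]*) return 1 ;; esac   # digits and dots only
    old_ifs=$IFS; IFS=.
    set -- $ip                                     # split into octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in '') return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Print the rich rule that accepts the port only from the given source.
rich_rule() {
    valid_cidr "$1" || { echo "invalid CIDR: $1" >&2; return 1; }
    printf 'rule family="ipv4" source address="%s" port port="%s" protocol="tcp" accept\n' \
        "$1" "$NESSUS_PORT"
}

# Drop the blanket port opening, add the scoped rule, reload and show it.
apply_rule() {
    rule=$(rich_rule "$ADMIN_NET") || return 1
    sudo firewall-cmd --zone=public --remove-port="${NESSUS_PORT}/tcp" --permanent
    sudo firewall-cmd --zone=public --add-rich-rule="$rule" --permanent
    sudo firewall-cmd --reload
    sudo firewall-cmd --zone=public --list-rich-rules
}

# The firewall is changed only when the script is called with "apply";
# without it the script just prints the rule it would add.
if [ "${1:-}" = "apply" ]; then
    apply_rule
else
    rich_rule "$ADMIN_NET"
fi
```

Run it once without arguments to review the rule, then with `apply` (and `ADMIN_NET` set to your own management network) to change the firewall.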

Now go to your browser and enter your server name or IP along with the default port of Nessus.

https://server_name_or_ip:8834/

Select Nessus Essentials and press the continue button.

Nessus web UI

Then press the Skip button.

Get activation code

Now register Nessus by entering the activation code that was sent to your registered email.

Register Nessus

Next, enter the Username and password you want to set for Nessus login.

Create user account

At this point, it will take some time to complete the final steps.

Initializing Nessus

At this point, your Nessus installation has completed successfully.

Nessus Management Console:

After successful installation, you will see the login page of Nessus where you will log in with your username and password.

After login, you can see the Nessus Vulnerability Scanner’s dashboard as shown below.

Nessus Dashboard

From the dashboard, click on the ‘New Scan’ button on the top left of your Management console. Here you can see the scanning templates; some of the scanning templates are paid.

Scan templates

In this tutorial, we are going to do a Basic Network Scan.

Network scan

Here you will be required to define its name and description. After that, select the folder and enter the target host IP address or network range.

On the next tab, configure the credentials of your remote host.

SSH

Once the settings are complete, click on the Save button.

Now run the scan by selecting the play option as shown below.

List of past scans

After the scan has completed, click on the Vulnerabilities tab to see the list of vulnerabilities found on the remote host.

Network scan

To get more details on each vulnerability, click on it for detailed information.

SSL Security suites

Conclusion

In the above tutorial, you learned how to install and use Nessus Vulnerability Scanner. You can explore Nessus Vulnerability Scanner and check for other scanning templates. You can now scan the remote computer for any vulnerability through Nessus Vulnerability Scanner. Feel free to ask me if you have any questions.
