Are you a pen-tester or just someone interested in keeping the security levels of your network as high as possible? Nessus is a widely-used vulnerability scanner that allows you to perform a variety of network vulnerability scanning tasks using a web-based GUI. Here we show you how to take advantage of all the great features this industry-leading vulnerability scanner offers.
Also read: 9 of the Best Email Clients for Linux
What Is Nessus?
Nessus is a vulnerability scanner developed by a cybersecurity company called Tenable that allows you to perform detailed vulnerability scans on your network. The software has been designed to cover a variety of different technologies, such as operating systems and web servers, and find any possible vulnerabilities that affect these specific technologies. According to Nessus’s website, the scanner can check for more than 68,000 different Common Vulnerabilities and Exposures (CVEs).
Licenses
Tenable offers three different licenses for Nessus users with different vulnerability scanning needs.
Nessus Essentials
This free option is primarily meant for cybersecurity students, educators, and people starting their careers in cybersecurity. It allows you to scan up to 16 IP addresses and offers free community support.
Nessus Professional
This option is perfect for consultants, professional pen-testers, and security analysts. With a price of more than $2000 per year, it offers an unlimited amount of assessments, live results, advanced 24/7 support, and on-demand training for users.
Tenable.io
Tenable.io is an enterprise-level vulnerability management system designed primarily for businesses with a large number of assets to scan and analyze. It is managed in the cloud and features advanced dashboards and reports.
Also read: How to Use tcpdump for Packet Capture
Installation
The installation of Nessus is a relatively quick and simple process. The tool is available on Tenable’s website for most common Linux distros.
The example used here is installing Nessus on a Kali Linux system. Start by downloading a file called “Nessus-10.1.1-debian6_amd64.deb.”
Next, install it by using the dpkg utility:
sudo dpkg -i Nessus-10.1.1-debian6_amd64.deb
After Nessus has been installed, the software can be started using the systemctl utility:
sudo systemctl start nessusd.serviceThis will start a local web server on port 8834, where you can access the scanner’s GUI interface. Access it by typing https://127.0.0.1:8834/ in your web browser of choice.
Also read: How to Generate SSL Certificates on Linux Using OpenSSL
Setting It Up
The setup process includes several steps:
- Choose which version of Nessus you want to deploy on your system. Since I am using the free version, I chose “Nessus Essentials.”
- Fill in information such as your first and last name along with your email. Once the form is submitted, you will receive an activation code for your Nessus license.
- The third step requires you to create an account with a username and password.
- Wait for the software to download and install the necessary plugins. This can take a few moments.
After all of these steps are completed, you will be greeted with the Nessus default page.
Also read: How to Set Up an SFTP Server on Linux
Exploring the Interface
Now that you have installed Nessus on your system, it’s time to take a look at its interface and the features it offers.
The Scans Page
The “Scans” page is the main page of the Nessus web GUI. Here you can view your previous scans, import previous scans, and search for previous scans.
The Settings Page
Here you can manage your Nessus installation and perform administration tasks, such as managing your account and configuring the scanner according to your preferences.
The Policies Page
If you would like to implement any policies, you can do that here. Nessus policies enable you to define actions performed during a scan and save them to templates. Using them is a great way to save time and increase efficiency.
The Plugin Rules Page
This page allows you to specify rules for the different plugins used by Nessus in the form of hiding or changing the severity of a plugin.
Performing a Scan
A host discovery scan is one of the most basic scans you can perform using Nessus and one of the first ones you should try. It scans your network for hosts and information about them.
Start by clicking “New Scan” on your Scans page to bring you to a menu where you will find a variety of different scan templates. Choose the “Host Discovery” scan template.
After you choose it, you can specify different settings for your host scan. You are required to name your scan and specify the targets of your scan. Optionally, you can also write a description and choose a folder.
In the “Discovery” settings, you can specify the type of scan you want to perform. Options include the default value of host enumeration, OS identification, and port scan.
You can also schedule your scan. This allows you to specify when the scan starts and how often it is conducted.
Additionally, you can even specify email addresses you want Nessus to send notifications to about the scan. However, this requires you to set up an SMTP server in the settings.
You can also take a look at report settings and advanced settings that allow you to customize your scan even further.
After you have customized the scan according to your requirements, press “Launch” to perform the scan right away.
Analyzing the Scan Results
After the scan has been completed, you can access the report by going to the Scans page and clicking the name of your scan.
On the scan report page, you will find a variety of information about the scan:
- In the Hosts section, you will find all of the hosts discovered during the scan. The individual hosts can be clicked to find more information about them.
- The Vulnerabilities section will list all of the vulnerabilities the scanner discovered during the scan that are, by default, ranked according to their CVSS score.
- You can also view the “VPR top threats” section, which informs you of vulnerabilities that are prioritized by Tenable’s VPR system.
If you want to export the report for further analysis, click “Export” to download a “.nessus” file.
Frequently Asked Questions
1. Can I use the “essential” version indefinitely?
The free “essential” version of Nessus can be used indefinitely. However, if you are using a trial version of a paid license, there will be an expiry date.
2. A download isn’t listed for Ubuntu 21.10 on the download page. Can I install the package meant for version 20.04 instead?
Yes, the package for version 20.04 should work just fine.
3. Can I use this scanner to scan for the Log4shell vulnerability?
Yes, you can. Nessus is the perfect tool for scanning your network or system for the Log4shell vulnerability. It contains a simple and effective template for this exact purpose.
Our latest tutorials delivered straight to your inbox
