Install Nessus Scanner on Ubuntu 22.04|20.04|18.04

Posted on 26 views

How to Install Nessus on Ubuntu 22.04|20.04|18.04?. In today’s guide, we’ll discuss the process of Installing Nessus on Ubuntu 22.04/20.04/18.04. Nessus is a proprietary vulnerability assessment tool that works for Mobile and Web applications deployed on Premise or in a cloud environment.

Nessus gives you malware detection, scanning of embedded devices, configurations auditing, control systems auditing and compliance checks among other features. Installing  Nessus Scanner on Ubuntu 22.04|20.04|18.04 is the first step to securing and hardening your Infrastructure and Applications from the “bad guys”.

With Nessus, you can audit the following environments:

  • Network devices: firewalls/routers/switches (Juniper, Check Point, Cisco, Palo Alto Networks), printers, storage
  • Virtualization: VMware ESX, ESXi, vSphere, vCenter, Hyper-V, and Citrix Xen Server
  • Operating systems: Windows, Mac, Linux, Solaris, BSD, Cisco iOS, IBM iSeries
  • Databases: Oracle, SQL Server, MySQL, DB2, Informix/DRDA, PostgreSQL, MongoDB
  • Web applications: Web servers, web services, OWASP vulnerabilities
  • Cloud: Scans cloud applications and instances like Salesforce and AWS
  • Compliance: Helps meet government, regulatory and corporate requirements
  • Meets PCI DSS requirements through configuration auditing, web application scanning

Install Nessus Scanner on Ubuntu 22.04|20.04|18.04

Nessus Scanner packages are available on Nessus Downloads page. Confirm the latest Nessus Debian package release before downloading it.

As of this article writing, the available release is Nessus - 10.x . This is what we’ll download and install.

Step 1: Install Nessus Scanner

Download latest release for Ubuntu:

sudo apt update && sudo apt install wget -y
wget 'https://www.tenable.com/downloads/api/v1/public/pages/nessus/downloads/16882/download?i_agree_to_tenable_license_agreement=true' -O Nessus-10.3.0-ubuntu1404_amd64.deb

For Ubuntu , the package name I’m using is:

Nessus-10.3.0-ubuntu1404_amd64.deb

Install it by running:

$ sudo apt install -f ./Nessus-10.3.0-ubuntu1404_amd64.deb
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'nessus' instead of './Nessus-10.3.0-ubuntu1404_amd64.deb'
The following NEW packages will be installed:
  nessus
0 upgraded, 1 newly installed, 0 to remove and 243 not upgraded.
Need to get 0 B/53.3 MB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 /home/jkmutai/Nessus-10.3.0-ubuntu1404_amd64.deb nessus amd64 10.3.0 [53.3 MB]
Selecting previously unselected package nessus.
(Reading database ... 200072 files and directories currently installed.)
Preparing to unpack .../Nessus-10.3.0-ubuntu1404_amd64.deb ...
Unpacking nessus (10.3.0) ...
Setting up nessus (10.3.0) ...
Unpacking Nessus Scanner Core Components...
Created symlink /etc/systemd/system/nessusd.service → /lib/systemd/system/nessusd.service.
Created symlink /etc/systemd/system/multi-user.target.wants/nessusd.service → /lib/systemd/system/nessusd.service.

 - You can start Nessus Scanner by typing /bin/systemctl start nessusd.service
 - Then go to https://jammy:8834/ to configure your scanner

Step 2: Start and enable nessusd service

Start nessusd service:

sudo systemctl start nessusd

Then enable the service to start on boot:

$ sudo systemctl enable nessusd.service 
nessusd.service is not a native service, redirecting to systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable nessusd

Confirm service status using:

$ systemctl status  nessusd.service 
 nessusd.service - The Nessus Vulnerability Scanner
     Loaded: loaded (/lib/systemd/system/nessusd.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2021-11-08 22:26:06 EAT; 27s ago
   Main PID: 35361 (nessus-service)
      Tasks: 12 (limit: 9482)
     Memory: 59.7M
        CPU: 27.243s
     CGroup: /system.slice/nessusd.service
             ├─35361 /opt/nessus/sbin/nessus-service -q
             └─35362 nessusd -q

Nov 08 22:26:06 ubuntu22 systemd[1]: Started The Nessus Vulnerability Scanner.
Nov 08 22:26:06 ubuntu22 nessus-service[35362]: Cached 0 plugin libs in 0msec
Nov 08 22:26:06 ubuntu22 nessus-service[35362]: Cached 0 plugin libs in 0msec

Nessus daemon binds to TCP port 8834.

nessus-service-listening-port

 

Make sure this port is allowed on firewall if UFW is running:

sudo ufw allow 8834/tcp

Step 3: Configuring Nessus Vulnerability scanner

Visit your Nessus web interface on https://[IP Address|Hostname]:8834 to finish Nessus installation and activation. Create Nessus Administrator Account on the first page.

nessus-create-admin-account

 

Before you can use Nessus, you’ll have to obtain an activation code on https://www.tenable.com/products/nessus/activation-code.

For testing purposes, you can go with the “Nessus Home” license.

nessus-get-home-license-key

 

The License key will be sent to you on email used for signup. Register your Nessus Scanner with emailed activation code.

nessus-register-scanner

 

The Initializing process should start.

nessus-initialization

 

Be informed that this could take some time as Nessus download Plugins and prepare the files needed to scan your assets. When done, login with created admin account.

 

nessus-login-page

Nessus default page on login should look similar to below.

nessus-dashboard

 

You should now have Nessus Scanner installed and configured on Ubuntu 22.04/20.04/18.04. Our next articles will cover usage of Nessus for scanning different assets in your Infrastructure.

coffee

Gravatar Image
A systems engineer with excellent skills in systems administration, cloud computing, systems deployment, virtualization, containers, and a certified ethical hacker.