How to Install Nessus on Ubuntu 22.04|20.04|18.04?. In today’s guide, we’ll discuss the process of Installing Nessus on Ubuntu 22.04/20.04/18.04. Nessus is a proprietary vulnerability assessment tool that works for Mobile and Web applications deployed on Premise or in a cloud environment.
Nessus gives you malware detection, scanning of embedded devices, configurations auditing, control systems auditing and compliance checks among other features. Installing Nessus Scanner on Ubuntu 22.04|20.04|18.04 is the first step to securing and hardening your Infrastructure and Applications from the “bad guys”.
With Nessus, you can audit the following environments:
- Network devices: firewalls/routers/switches (Juniper, Check Point, Cisco, Palo Alto Networks), printers, storage
- Virtualization: VMware ESX, ESXi, vSphere, vCenter, Hyper-V, and Citrix Xen Server
- Operating systems: Windows, Mac, Linux, Solaris, BSD, Cisco iOS, IBM iSeries
- Databases: Oracle, SQL Server, MySQL, DB2, Informix/DRDA, PostgreSQL, MongoDB
- Web applications: Web servers, web services, OWASP vulnerabilities
- Cloud: Scans cloud applications and instances like Salesforce and AWS
- Compliance: Helps meet government, regulatory and corporate requirements
- Meets PCI DSS requirements through configuration auditing, web application scanning
Install Nessus Scanner on Ubuntu 22.04|20.04|18.04
Nessus Scanner packages are available on Nessus Downloads page. Confirm the latest Nessus Debian package release before downloading it.
As of this article writing, the available release is Nessus - 10.x . This is what we’ll download and install.
Step 1: Install Nessus Scanner
Download latest release for Ubuntu:
sudo apt update && sudo apt install wget -y
wget 'https://www.tenable.com/downloads/api/v1/public/pages/nessus/downloads/16882/download?i_agree_to_tenable_license_agreement=true' -O Nessus-10.3.0-ubuntu1404_amd64.debFor Ubuntu , the package name I’m using is:
Nessus-10.3.0-ubuntu1404_amd64.debInstall it by running:
$ sudo apt install -f ./Nessus-10.3.0-ubuntu1404_amd64.deb
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'nessus' instead of './Nessus-10.3.0-ubuntu1404_amd64.deb'
The following NEW packages will be installed:
nessus
0 upgraded, 1 newly installed, 0 to remove and 243 not upgraded.
Need to get 0 B/53.3 MB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 /home/jkmutai/Nessus-10.3.0-ubuntu1404_amd64.deb nessus amd64 10.3.0 [53.3 MB]
Selecting previously unselected package nessus.
(Reading database ... 200072 files and directories currently installed.)
Preparing to unpack .../Nessus-10.3.0-ubuntu1404_amd64.deb ...
Unpacking nessus (10.3.0) ...
Setting up nessus (10.3.0) ...
Unpacking Nessus Scanner Core Components...
Created symlink /etc/systemd/system/nessusd.service → /lib/systemd/system/nessusd.service.
Created symlink /etc/systemd/system/multi-user.target.wants/nessusd.service → /lib/systemd/system/nessusd.service.
- You can start Nessus Scanner by typing /bin/systemctl start nessusd.service
- Then go to https://jammy:8834/ to configure your scannerStep 2: Start and enable nessusd service
Start nessusd service:
sudo systemctl start nessusdThen enable the service to start on boot:
$ sudo systemctl enable nessusd.service
nessusd.service is not a native service, redirecting to systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable nessusdConfirm service status using:
$ systemctl status nessusd.service
● nessusd.service - The Nessus Vulnerability Scanner
Loaded: loaded (/lib/systemd/system/nessusd.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2021-11-08 22:26:06 EAT; 27s ago
Main PID: 35361 (nessus-service)
Tasks: 12 (limit: 9482)
Memory: 59.7M
CPU: 27.243s
CGroup: /system.slice/nessusd.service
├─35361 /opt/nessus/sbin/nessus-service -q
└─35362 nessusd -q
Nov 08 22:26:06 ubuntu22 systemd[1]: Started The Nessus Vulnerability Scanner.
Nov 08 22:26:06 ubuntu22 nessus-service[35362]: Cached 0 plugin libs in 0msec
Nov 08 22:26:06 ubuntu22 nessus-service[35362]: Cached 0 plugin libs in 0msecNessus daemon binds to TCP port 8834.
Make sure this port is allowed on firewall if UFW is running:
sudo ufw allow 8834/tcpStep 3: Configuring Nessus Vulnerability scanner
Visit your Nessus web interface on https://[IP Address|Hostname]:8834 to finish Nessus installation and activation. Create Nessus Administrator Account on the first page.
Before you can use Nessus, you’ll have to obtain an activation code on https://www.tenable.com/products/nessus/activation-code.
For testing purposes, you can go with the “Nessus Home” license.
The License key will be sent to you on email used for signup. Register your Nessus Scanner with emailed activation code.
The Initializing process should start.
Be informed that this could take some time as Nessus download Plugins and prepare the files needed to scan your assets. When done, login with created admin account.
Nessus default page on login should look similar to below.
You should now have Nessus Scanner installed and configured on Ubuntu 22.04/20.04/18.04. Our next articles will cover usage of Nessus for scanning different assets in your Infrastructure.
