How to Install Nessus on Ubuntu 22.04|20.04|18.04?. In today’s guide, we’ll discuss the process of Installing Nessus on Ubuntu 22.04/20.04/18.04. Nessus is a proprietary vulnerability assessment tool that works for Mobile and Web applications deployed on Premise or in a cloud environment.
Nessus gives you malware detection, scanning of embedded devices, configurations auditing, control systems auditing and compliance checks among other features. Installing Nessus Scanner on Ubuntu 22.04|20.04|18.04 is the first step to securing and hardening your Infrastructure and Applications from the “bad guys”.
With Nessus, you can audit the following environments:
- Network devices: firewalls/routers/switches (Juniper, Check Point, Cisco, Palo Alto Networks), printers, storage
- Virtualization: VMware ESX, ESXi, vSphere, vCenter, Hyper-V, and Citrix Xen Server
- Operating systems: Windows, Mac, Linux, Solaris, BSD, Cisco iOS, IBM iSeries
- Databases: Oracle, SQL Server, MySQL, DB2, Informix/DRDA, PostgreSQL, MongoDB
- Web applications: Web servers, web services, OWASP vulnerabilities
- Cloud: Scans cloud applications and instances like Salesforce and AWS
- Compliance: Helps meet government, regulatory and corporate requirements
- Meets PCI DSS requirements through configuration auditing, web application scanning
Install Nessus Scanner on Ubuntu 22.04|20.04|18.04
Nessus Scanner packages are available on Nessus Downloads page. Confirm the latest Nessus Debian package release before downloading it.
As of this article writing, the available release is
Nessus - 10.x . This is what we’ll download and install.
Step 1: Install Nessus Scanner
Download latest release for Ubuntu:
sudo apt update && sudo apt install wget -y wget 'https://www.tenable.com/downloads/api/v1/public/pages/nessus/downloads/16882/download?i_agree_to_tenable_license_agreement=true' -O Nessus-10.3.0-ubuntu1404_amd64.deb
For Ubuntu , the package name I’m using is:
Install it by running:
$ sudo apt install -f ./Nessus-10.3.0-ubuntu1404_amd64.deb Reading package lists... Done Building dependency tree... Done Reading state information... Done Note, selecting 'nessus' instead of './Nessus-10.3.0-ubuntu1404_amd64.deb' The following NEW packages will be installed: nessus 0 upgraded, 1 newly installed, 0 to remove and 243 not upgraded. Need to get 0 B/53.3 MB of archives. After this operation, 0 B of additional disk space will be used. Get:1 /home/jkmutai/Nessus-10.3.0-ubuntu1404_amd64.deb nessus amd64 10.3.0 [53.3 MB] Selecting previously unselected package nessus. (Reading database ... 200072 files and directories currently installed.) Preparing to unpack .../Nessus-10.3.0-ubuntu1404_amd64.deb ... Unpacking nessus (10.3.0) ... Setting up nessus (10.3.0) ... Unpacking Nessus Scanner Core Components... Created symlink /etc/systemd/system/nessusd.service → /lib/systemd/system/nessusd.service. Created symlink /etc/systemd/system/multi-user.target.wants/nessusd.service → /lib/systemd/system/nessusd.service. - You can start Nessus Scanner by typing /bin/systemctl start nessusd.service - Then go to https://jammy:8834/ to configure your scanner
Step 2: Start and enable nessusd service
sudo systemctl start nessusd
Then enable the service to start on boot:
$ sudo systemctl enable nessusd.service nessusd.service is not a native service, redirecting to systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install enable nessusd
Confirm service status using:
$ systemctl status nessusd.service ● nessusd.service - The Nessus Vulnerability Scanner Loaded: loaded (/lib/systemd/system/nessusd.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2021-11-08 22:26:06 EAT; 27s ago Main PID: 35361 (nessus-service) Tasks: 12 (limit: 9482) Memory: 59.7M CPU: 27.243s CGroup: /system.slice/nessusd.service ├─35361 /opt/nessus/sbin/nessus-service -q └─35362 nessusd -q Nov 08 22:26:06 ubuntu22 systemd: Started The Nessus Vulnerability Scanner. Nov 08 22:26:06 ubuntu22 nessus-service: Cached 0 plugin libs in 0msec Nov 08 22:26:06 ubuntu22 nessus-service: Cached 0 plugin libs in 0msec
Nessus daemon binds to TCP port
Make sure this port is allowed on firewall if UFW is running:
sudo ufw allow 8834/tcp
Step 3: Configuring Nessus Vulnerability scanner
Visit your Nessus web interface on https://[IP Address|Hostname]:8834 to finish Nessus installation and activation. Create Nessus Administrator Account on the first page.
Before you can use Nessus, you’ll have to obtain an activation code on https://www.tenable.com/products/nessus/activation-code.
For testing purposes, you can go with the “Nessus Home” license.
The License key will be sent to you on email used for signup. Register your Nessus Scanner with emailed activation code.
The Initializing process should start.
Be informed that this could take some time as Nessus download Plugins and prepare the files needed to scan your assets. When done, login with created admin account.
Nessus default page on login should look similar to below.
You should now have Nessus Scanner installed and configured on Ubuntu 22.04/20.04/18.04. Our next articles will cover usage of Nessus for scanning different assets in your Infrastructure.