In today’s article we show you how to install and use the Nessus vulnerability scanner on Rocky Linux 8 / AlmaLinux 8. Vulnerability scanning tools are valuable in that they search for known vulnerabilities present in an organization’s IT infrastructure and create reports about them. This enables an organization to monitor its systems, networks, and applications for security vulnerabilities, and to act on open issues to better secure the environment.
A vulnerability scanner identifies and creates an inventory of all IT assets (including virtual machines, dedicated servers, desktop systems, laptops, containers, network switches and routers, printers, among many other devices) connected to a network. For each asset identified it performs a thorough scan to obtain details about the system, its vulnerabilities, and recommendations on how to fix them.
What is Nessus?
Nessus is a widely used vulnerability assessment tool that works for both mobile and web applications. Nessus can be deployed on premises or in a cloud environment. It can scan for and detect malware on embedded devices, and perform configuration auditing and compliance checks, among many other functions.
Nessus can be used in the following environments:
- Operating systems: such as Mac, Windows, Linux, BSD, Cisco IOS, Solaris, IBM iSeries.
- Virtualization: VMware ESX, ESXi, Hyper-V, vSphere, vCenter, and Citrix Xen Server
- Cloud: It can be used to scan cloud applications and instances like Salesforce and AWS
- Network devices: firewalls/routers/switches (Juniper, Check Point, Cisco, Palo Alto Networks), printers, storage
- Databases: Oracle, SQL Server, MySQL, DB2, Informix/DRDA, PostgreSQL, MongoDB.
- Web applications: Web servers, web services, OWASP vulnerabilities
Features of Nessus vulnerability scanner
- It is a mature and well tested solution
- Support for sensitive data discovery
- Smart service recognition
- High-speed asset discovery
- Target profiling, malware detection
- It is a scalable solution
- Nessus offers multiple services
- Has full SSL support
- It uses an up-to-date security vulnerability database
Install Nessus Vulnerability Scanner on Rocky Linux 8 / AlmaLinux 8
In this section we’ll perform an installation of Nessus Vulnerability Scanner on a Rocky Linux 8 / AlmaLinux 8 system. You need SSH access to the server to proceed with the installation.
Step 1: Install Nessus on Rocky Linux 8 / AlmaLinux 8
Visit the official Nessus downloads page to download the latest .rpm package for installation.
sudo yum -y install wget
wget 'https://www.tenable.com/downloads/api/v1/public/pages/nessus/downloads/16876/download?i_agree_to_tenable_license_agreement=true' -O Nessus-10.3.0-es8.x86_64.rpm
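Before installing, the downloaded file can be checked against the SHA-256 value published on the Tenable downloads page and against its RPM signature. The script below is an added example, not part of the original article; the checksum argument is a placeholder to be filled in from the downloads page, and the signature check assumes the vendor's RPM signing key has already been imported with rpm --import.

```bash
#!/bin/sh
# Added example: verify a downloaded Nessus RPM before installing it.
# The expected SHA-256 must be copied from the Tenable downloads page;
# no real checksum is embedded here.

# verify_sha256 FILE EXPECTED: succeeds only if FILE hashes to EXPECTED.
verify_sha256() {
    file="$1"
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 1; }
    # Refuse anything that is not 64 hex characters (e.g. an unfilled placeholder).
    case "$expected" in
        ''|*[!0-9a-f]*) echo "expected value is not a SHA-256 digest" >&2; return 1 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "expected value is not a SHA-256 digest" >&2; return 1; }
    # Read from stdin so unusual file names cannot alter the output format.
    actual=$(sha256sum < "$file" | awk '{ print $1 }')
    if [ "$actual" = "$expected" ]; then
        echo "checksum OK: $file"
    else
        echo "checksum MISMATCH for $file: got $actual" >&2
        return 1
    fi
}

# verify_signature FILE: succeeds only if rpm reports a valid signature.
# Assumes the vendor's public key was imported earlier with `rpm --import`;
# rpm 4.14 (EL8) prints "digests signatures OK" for a good signed package.
verify_signature() {
    command -v rpm >/dev/null 2>&1 || { echo "rpm not found" >&2; return 2; }
    rpm -K "$1" | grep -q 'signatures OK'
}

# Usage: ./verify-nessus.sh Nessus-10.3.0-es8.x86_64.rpm <sha256-from-downloads-page>
if [ "$#" -eq 2 ]; then
    verify_sha256 "$1" "$2" && verify_signature "$1" && echo "verified: $1"
fi
```

Run dnf install only after both checks succeed; a mismatch means the file should be deleted and downloaded again.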
After the package is downloaded, install it on your local system.
sudo dnf install ./Nessus-10.3.0-es8.x86_64.rpm
Accept the installation prompt to proceed.
Dependencies resolved.
======================================================================================================================================================================================================
Package Architecture Version Repository Size
======================================================================================================================================================================================================
Installing:
Nessus x86_64 10.3.0-es8 @commandline 48 M
Transaction Summary
======================================================================================================================================================================================================
Install 1 Package
Total size: 48 M
Installed size: 78 M
Is this ok [y/N]: y
Step 2: Manage Nessus service
The name of the Nessus systemd unit is nessusd. Start and enable it to start at system boot.
sudo systemctl enable --now nessusd.service
Let’s confirm if the service was started without any errors:
$ systemctl status nessusd.service
● nessusd.service - The Nessus Vulnerability Scanner
Loaded: loaded (/usr/lib/systemd/system/nessusd.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2022-10-03 10:11:04 EAT; 5s ago
Main PID: 1612 (nessus-service)
Tasks: 12 (limit: 49442)
Memory: 79.0M
CGroup: /system.slice/nessusd.service
├─1612 /opt/nessus/sbin/nessus-service -q
└─1613 nessusd -q
Oct 03 10:11:04 rocky8.mylab.io systemd[1]: Started The Nessus Vulnerability Scanner.
Oct 03 10:11:05 rocky8.mylab.io nessus-service[1613]: Cached 0 plugin libs in 0msec
Nessus service should be listening on port 8834. This can be verified as below:
$ sudo ss -plunt|grep 8834
tcp LISTEN 0 1024 0.0.0.0:8834 0.0.0.0:* users:(("nessusd",pid=2781,fd=13))
tcp LISTEN 0 1024 [::]:8834 [::]:* users:(("nessusd",pid=2781,fd=15))
Open the port on firewalld.
sudo firewall-cmd --add-port 8834/tcp --permanent
sudo firewall-cmd --reload
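The rule above admits connections to the Nessus UI from any source, and the ss output shows nessusd bound to all addresses. The script below is an added example, not part of the original article: it detects that wildcard binding and prints firewalld commands that allow 8834/tcp only from one management subnet. The network 192.0.2.0/24 is a placeholder for your own admin network.

```bash
#!/bin/sh
# Added example, not part of the original article: check how widely the Nessus
# UI port is exposed and generate firewalld commands that limit it to one
# management subnet. 192.0.2.0/24 below is a placeholder network.
PORT=8834

# listens_on_all: reads `ss -plunt` lines on stdin and succeeds when PORT is
# bound to a wildcard address, as in the output shown above.
listens_on_all() {
    awk -v p="$PORT" '
        $2 == "LISTEN" && ($5 == ("0.0.0.0:" p) || $5 == ("[::]:" p) || $5 == ("*:" p)) { hit = 1 }
        END { exit !hit }'
}

# valid_cidr4 A.B.C.D/N: succeeds when every octet is 0-255 and N is 0-32.
# Validation also keeps quotes and spaces out of the generated rule.
valid_cidr4() {
    printf '%s\n' "$1" | awk -F'[./]' '
        NF != 5 { exit 1 }
        { for (i = 1; i <= 5; i++) if ($i !~ /^[0-9]+$/) exit 1
          for (i = 1; i <= 4; i++) if ($i > 255) exit 1
          if ($5 > 32) exit 1 }'
}

# restrict_cmds CIDR: prints the commands for review; pipe to sh to apply.
restrict_cmds() {
    valid_cidr4 "$1" || { echo "invalid IPv4 CIDR: $1" >&2; return 1; }
    rule="rule family=\"ipv4\" source address=\"$1\" port port=\"$PORT\" protocol=\"tcp\" accept"
    # Remove the open-to-all entry, then admit only the management subnet.
    printf 'sudo firewall-cmd --permanent --remove-port=%s/tcp\n' "$PORT"
    printf "sudo firewall-cmd --permanent --add-rich-rule='%s'\n" "$rule"
    printf 'sudo firewall-cmd --reload\n'
}

# Usage: ./nessus-fw.sh 192.0.2.0/24
if [ "$#" -eq 1 ]; then
    sudo ss -plunt | listens_on_all && echo "# port $PORT is bound to all addresses"
    restrict_cmds "$1"
fi
```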
Step 3: Access Nessus web dashboard
Nessus is now installed and the service is running. To access the web interface, use the URL https://ServerIP:8834 or https://serverhostname:8834.
On the first page, choose the Nessus product to deploy from the products list. We’ll choose Nessus Essentials.
An activation code is required to use Nessus. If you didn’t get one, request it on the Downloads page using the link “Get Activation Code”.
If you don’t have an activation code, provide your details to receive the Nessus activation code at your email address.
Enter the activation code received on your email to proceed with Nessus configurations.
Next, create the Nessus admin user account. This is a superuser account.
Nessus will automatically initialize and download all the plugins required.
Step 4: Using Nessus Vulnerability Scanner
After Nessus is installed and configured, you can begin a network scan. Input the network target list or range; for example, 192.168.0.0/24 will scan all hosts in the subnet.
Click on the submit link to get the list of available devices detected in the network.
Select all or specific devices in the network to scan for vulnerabilities. Once the scan is completed, all the vulnerabilities are displayed on the screen.
These vulnerabilities have different severity levels: Critical, High, Medium, and Low. Click on each device to get more information about its vulnerabilities.
To initiate a new scan, click on New scan.
Choose scan template and run it.
Conclusion
Nessus is one of the most used vulnerability scanners during vulnerability assessments and penetration testing operations. This tool is free for non-enterprise / home use. If you’re using it in a production and enterprise environment, consider purchasing a license from Tenable Security. In our guides to follow we’ll dig deeper into the installation and use of Nessus Agents.