Thursday, December 26, 2024
Google search engine
HomeGuest BlogsInstall Nessus Vulnerability Scanner on Debian 11/10/9

Install Nessus Vulnerability Scanner on Debian 11/10/9

.tdi_3.td-a-rec{text-align:center}.tdi_3 .td-element-style{z-index:-1}.tdi_3.td-a-rec-img{text-align:left}.tdi_3.td-a-rec-img img{margin:0 auto 0 0}@media(max-width:767px){.tdi_3.td-a-rec-img{text-align:center}}

If you have been wondering how to install Nessus Vulnerability Scanner on Debian 11/10/9 then you should worry no more. In this guide, we will go through how to install Nessus Vulnerability Scanner on Debian Linux system.

Nessus is a popular and widely used vulnerability assessment tool that works for both web and mobile applications and can be deployed on Premises or in a cloud environment. It scans and detects malware of embedded devices, configurations auditing, compliance checks among many other functions. Nessus can be used to scan and audit the following environments.

  • Virtualization: For VMware ESX, ESXi,Hyper-V, vSphere, vCenter, and Citrix Xen Server
  • Operating systems: such as Mac, Windows, Linux, BSD, Cisco iOS, Solaris, IBM iSeries.
  • Cloud: It can be used to scans cloud applications and instances like Salesforce and AWS
  • Databases: Oracle, SQL Server, MySQL, DB2, Informix/DRDA, PostgreSQL, MongoDB.
  • Network devices: firewalls/routers/switches (Juniper, Check Point, Cisco, Palo Alto Networks), printers, storage.
  • Web applications: Web servers, web services, OWASP vulnerabilities

Features of Nessus

  • High-speed asset discovery
  • Sensitive data discovery
  • Smart service recognition
  • Target profiling, malware detection
  • Configuration auditing
  • Scalable: It quickly exploits the systems strengths, so it can increase its scanning efficiency.
  • Offers multiple services
  • Full SSL support
  • The biggest user base
  • Up-to-date security vulnerability database
  • Proven maturity: with the first public release of Nessus in 1998. Ever since the technology behind it has been extensively tested and perfected, on huge networks over time.

Install Nessus Vulnerability Scanner on Debian 11/10/9

Nessus Vulnerability scanner is installed on Debian 11/10/9 by downloading the latest available packages from the official Nessus Downloads page. As of this writing, the latest available version was at Nessus – 10.x

.tdi_2.td-a-rec{text-align:center}.tdi_2 .td-element-style{z-index:-1}.tdi_2.td-a-rec-img{text-align:left}.tdi_2.td-a-rec-img img{margin:0 auto 0 0}@media(max-width:767px){.tdi_2.td-a-rec-img{text-align:center}}

Step 1 – Download and Install Nessus

From the official Nessus downloads page, you can download the .deb package for installation on Debian. For Debian installation, I downloaded a package with the name Nessus-10.x-debian6_amd64.deb

sudo apt update && sudo apt install wget -y
wget 'https://www.tenable.com/downloads/api/v1/public/pages/nessus/downloads/16870/download?i_agree_to_tenable_license_agreement=true' -O Nessus-10.3.0-debian9_amd64.deb

Now with the package downloaded, navigate to the downloads directory and install Nessus with the command below.

sudo apt install -f ./Nessus-10.3.0-debian9_amd64.deb

Sample Output:

Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'nessus' instead of './Nessus-10.3.0-debian9_amd64.deb'
The following NEW packages will be installed:
  nessus
0 upgraded, 1 newly installed, 0 to remove and 9 not upgraded.
Need to get 0 B/53.3 MB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 /root/Nessus-10.3.0-debian9_amd64.deb nessus amd64 10.3.0 [53.3 MB]
Selecting previously unselected package nessus.
(Reading database ... 33876 files and directories currently installed.)
Preparing to unpack .../Nessus-10.3.0-debian9_amd64.deb ...
Unpacking nessus (10.3.0) ...
Setting up nessus (10.3.0) ...
Unpacking Nessus Scanner Core Components...
Created symlink /etc/systemd/system/nessusd.service → /lib/systemd/system/nessusd.service.
Created symlink /etc/systemd/system/multi-user.target.wants/nessusd.service → /lib/systemd/system/nessusd.service.

 - You can start Nessus Scanner by typing /bin/systemctl start nessusd.service
 - Then go to https://debian11:8834/ to configure your scanner

Step 2 – Start and enable the Nessus service

With the Nessus Vulnerability scanner installed successfully, start and enable the nessusd service on Debian 11/10/9 with the commands.

sudo systemctl start nessusd
sudo systemctl enable nessusd.service 

Verify if the service is running:

$ systemctl status  nessusd.service 
 nessusd.service - The Nessus Vulnerability Scanner
     Loaded: loaded (/lib/systemd/system/nessusd.service; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2022-10-02 06:14:00 UTC; 5s ago
   Main PID: 2177 (nessus-service)
      Tasks: 12 (limit: 18710)
     Memory: 114.5M
        CPU: 5.274s
     CGroup: /system.slice/nessusd.service
             ├─2177 /opt/nessus/sbin/nessus-service -q
             └─2178 nessusd -q

Oct 02 06:14:00 debian11 systemd[1]: Started The Nessus Vulnerability Scanner.
Oct 02 06:14:02 debian11 nessus-service[2178]: Cached 0 plugin libs in 0msec
Oct 02 06:14:02 debian11 nessus-service[2178]: Cached 0 plugin libs in 0msec

Nessus listens on port 8834. Verify this as below.

$ sudo ss -plunt|grep 8834
tcp   LISTEN 0      1024         0.0.0.0:8834       0.0.0.0:*    users:(("nessusd",pid=2781,fd=13))    
tcp   LISTEN 0      1024            [::]:8834          [::]:*    users:(("nessusd",pid=2781,fd=15))

If you have ufw enabled, allow this port through the firewall as below.

sudo ufw allow 8834/tcp

Step 3 – Configure Nessus Vulnerability Scanner

At this point, the Nessus web interface can be accessed using the URL https://IP-Address:8834 or https://Hostname:8834 to finish the Nessus installation and activation. You will see this page.

Install Nessus Vulnerability Scanner on Debian 11109

There are several products for the installation, I will go with Nessus Essentials. Now proceed and provide details to receive the Nessus activation code on your email address.

Install Nessus Vulnerability Scanner on Debian 11109 1

Now with the activation code received on your email, enter it on this page and proceed.

Install Nessus Vulnerability Scanner on Debian 11109 2

On this page, create a Nessus admin account.

Install Nessus Vulnerability Scanner on Debian 11109 3

Nessus will initialize and several plugins required will be compiled and installed.

Install Nessus Vulnerability Scanner on Debian 11109 4

This process might take quite some time, so sit back and relax as you wait for the process to complete.

Step 4 – Use Nessus Vulnerability Scanner

Once complete, you can begin your scan. Enter your Network target list or range, for example, 192.168.205.0/24 will scan all hosts on the subnet.

Install Nessus Vulnerability Scanner on Debian 11109 5

Click submit and the available devices on the network will be shown.

Install Nessus Vulnerability Scanner on Debian 11109 6

Select the desired devices to scan for vulnerabilities. When a scan is run, all the vulnerabilities will be shown as below.

Install Nessus Vulnerability Scanner on Debian 11109 7

Critical, high medium, and low vulnerabilities will be shown for each device and you can show the information by clicking on the vulnerability as shown below for 192.168.205.4.

Install Nessus Vulnerability Scanner on Debian 11109 8

While on the main dashboard, you can do other scans by clicking on New scan as shown.

Install Nessus Vulnerability Scanner on Debian 11109 9

Select the type of scan you want to run and proceed.

Install Nessus Vulnerability Scanner on Debian 11109 10

That marks the end of this guide, we have successfully installed and configured Nessus Vulnerability Scanner on Debian 11/10/9. We have also performed a scan and seen how vulnerabilities can be detected on various systems on a network.

I hope you enjoyed it.

See more on this page:

.tdi_4.td-a-rec{text-align:center}.tdi_4 .td-element-style{z-index:-1}.tdi_4.td-a-rec-img{text-align:left}.tdi_4.td-a-rec-img img{margin:0 auto 0 0}@media(max-width:767px){.tdi_4.td-a-rec-img{text-align:center}}

RELATED ARTICLES

Most Popular

Recent Comments