How to Install and Configure Nessus Vulnerability Scanner on Kali Linux

“Nothing is fault-free in the universe”, this is true for information systems too. Whether they are computer systems, mobile apps, websites, or IOT devices all are surrounded by an inherent risk. Vulnerabilities arise every day with the security specialist engaged in fixing them and the hackers working to exploit them. Security specialists use specialized software called vulnerability scanners that scans systems for security flaws and vulnerabilities. There are many tools available in the market for vulnerability scanning. Nessus is an example of such a system.

What is Nessus Used for?

Nessus is one of the most popular vulnerability scanner tools that was once ranked first in the security tools checklist of Nmap Software LLC. Although it is now dropped to the third position in the list, it is still a powerful remote security scanning tool. It is available for major Linux distributions, Mac OS X and Windows 7, 8, and 10. Also, Nessus can be used with Docker. You need to only pull its' docker image from here.

What will we cover?

In this guide, we will see how to install Nessus on Kali Linux. Let us get started with Nessus installation and configuration.

Pre-requisites

1. User account with administrative privileges.
2. Internet connection for downloading various files.

Installing Nessus On Kali Linux

Nessus comes in three variants: Nessus Essentials, Nessus Professional, and Tenable.io. Nessus Essentials is free to use but it is limited to scanning 16 IPs. We will use this variant for this guide. Let’s get into the installation process:

Step 1. Head over to the Tenable products page for Nessus and click on the download button under the description for “Nessus Essentials.”

Step 2. Now before proceeding further, we first need to register with a business email:

Step 3. When you have registered, you will get a link on your email for activation code. This activation code will check the product to install. For now just click on Download on the new page to proceed further:

Note: The above activation code is a one-time code. Every time you install Nessus, you will need to obtain one.

Step 4. On the subsequent page, choose the appropriate version for your system. In our case, we are choosing the Kali Linux option. 

Step 5. Accept the License Agreement by clicking the ‘I Agree’ button. This will start downloading the file:
Step 6. Now go to the download folder and open it in a command prompt. Now we will use the below command to install the downloaded .deb file. The file name in our case is ‘Nessus-10.0.1-debian6_amd64.deb’. In your case, it may be slightly different.

$ sudo dpkg -i Nessus-10.0.1-debian6_amd64.deb

Step 7. Once installed we need to start the Nessus service. Just run the below command for this:

$ sudo systemctl start nessusd.service

To enable the service to start automatically from next boot, use the following command:

$ sudo systemctl enable nessusd

Verify the status of the service using:

$ sudo systemctl status nessusd

Step 8. Okay, we are now set to configure Nessus from the web browser. We will need the activation code we obtained from Tenable, so keep it handy. Now open your web browser and navigate to the url:

https://kali:8834/

The default user interface port in Nessus is 8834, be sure that it is not in use by any other service.

If you see a warning window like the one below, just click on the ‘Advanced...’ button and click ‘Accept the Risk and Continue’. This warning arises because Firefox does not trust the certificates provided by Nessus. This is normal behavior. To bypass this SSL warning, one can use the browser settings.Advertisement

Step 9. On the welcome window, choose the Nessus Essentials option and click continue.

Step 10. The next window will ask you to enter some details to get you the Activation code. As we have already received the one, we can safely skip this step.

Now enter the Activation code on the next window: Step 11. Now create a user account by entering a username and a password as shown below:

Step 12. Once you have submitted the user account information, it will start downloading various required plugins:

It may take some time to download and install these plugins, so take a break and have a coffee.

Hopefully, your installation is successful, we can now move on. Now you will see a login window, enter your account details here:

When you logon, a welcome screen prompts. For now, close this window. Hopefully, we will later see how to create a custom vulnerability scan policy.

Conclusion 

Network security is a crucial part of an organization for securing its IT assets. With tools like Nessus, we can identify threats and vulnerabilities before they are exploited by an attacker. This helps to reduce the attack surface and enhance overall network security. To efficiently use these tools we suggest taking proper training before using it in a real environment. Tenable also provides on-demand training to effectively use its product.