Installation on Debian/Kali and Ubuntu
Goto Tenable: Nessus Essentials and register an account to get an activation code.
Nessus-#.##.#-debian6_amd64.debfile and install:
sudo dpkg -i <the package_file.deb filename>
Start the Nessus Service:
sudo /etc/init.d/nessusd start
Open up Firefox and goto https://localhost:8834/. You may be prompted with a security risk alert. Click Advanced… -> Accept the Risk and Continue.
Select the option
Click the Skip button and enter the activation code from the email from Nessus.
Fill out the
Nessus will now install the plugins required for it to function. Takes a long time. Get some tea.
Log in with the account credentials made earlier.
You can have 16 different (IP) targets with this license.
Scans can be configured based on different scan and policy templates. These templates will determine the settings that will be found within the scan policy settings. These are the general settings that can be accessed:
Basic: Specify security-related and organizational aspects of a scan or policy. These aspects will include the name of the scan, the targets of the scan, whether it is scheduled and who has access to it.
Discovery is where the ports to be scanned and the methods to be used in the discovery are set.
Assessment is where and how the type of vulnerability scan to do is set. Nessus will check susceptibility of Web applications to attacks and other systems to brute-force attacks as well. This setting has sections allowing customisation of general scans to Windows, SCADA, Web applications, and even brute-force checks.
Report sets how scan reports are generated and the information that should be included within them.
Advanced sets scan efficiency and the operations of the scan, and allows for enabling scan debugging.
Reset the password for user
./nessuscli chpasswd username
API access is disabled
Nessus displays warning “Nessus has detected that API access on this scanner is disabled” during usage. To fix this issue, stop the Nessus service, reset the configuration, restart Nessus and register again using the activation code.
Stop the Nessus service:
service nessusd stop
Reset the configuration:
/opt/nessus/sbin/nessuscli fix --reset
Start the Nessus service:
Register Nessus using the activation code:
/opt/nessus/sbin/nessuscli fetch --register xxxx-xxxx-xxxx-xxxx-xxxx
Login to Nessus to update plugins.