How to Install and configure Nessus Vulnerability Scanner on Debian
The Nessus Tool is a popular and well-known vulnerability assessment tool that can be used to assess vulnerabilities in both web-based and mobile applications, on-premises, and in the cloud. The tool can be used to scan and detect malware in embedded devices, conduct configuration audits, check compliance, etc. In order to scan a network, Nessus uses plugins, which can be described as the individual code pieces Nessus employs for a particular scan type. Nessus plugins come in many flavors and are very flexible. Let us get started with the installation process.
Step 1: Getting your system up and running
Those who already have a system up and running should skip this step and do update their system.
- Sign in to your system or register a newly created one by logging in to your VPSie account.
- Connect by SSH using the credentials we emailed you.
- Once you have logged into your Debian instance, run these commands to update your system.
# sudo apt update # sudo apt -y upgrade
Step 2: Download and Install Nessus Vulnerability Scanner
Installing Nessus on Debian is as easy as downloading the .deb package from the Nessus download page. You can install Nessus by running the following command after downloading the file.
# cd Downloads # sudo apt install -f ./Nessus-10.0.2-debian6_amd64.deb
Step 3: Launch and enable the Nessus service
Run the following commands to start and enable the nessusd service:
# sudo systemctl start nessusd # sudo systemctl enable nessusd.service
Check if the service is running:
# systemctl status nessusd.service
Make sure Nessus is listening on port 8834:
# sudo ss -plunt|grep 8834
Allow the port(8834) Nessus listens on if you have a UFW enabled:
# sudo ufw allow 8834/tcp
Step 4: Configure Nessus
You can now access the web interface at https://{ServerIP}:8834.
We will now install Nessus Essentials. Nessus will send you an activation code via email after you provide your details.
Set up an admin account for Nessus.
Plugins required by Nessus will be compiled and installed during this process. Please be patient during this process.
Step 4: Scan for vulnerabilities using Nessus
After you finish, the scanning process can begin. Specify the network range or target list, so if you specify 104.218.122.0/24, the entire subnet will be scanned. Next, you will be able to see a list of hosts from which you can choose one to begin scanning.
In My scan section, you can find the results after the scan has been completed. Select the scan report you just completed and look at it.
It’s worth checking out the available scan templates. Below are the templates I’ve got.
On your Debian system, we have successfully installed and configured Nessus Vulnerability Scanner. A scan of various systems on a network has also been conducted to check if vulnerabilities exist.
Thanks for reading! I hope it was informative for you!