How to Install and Configure Nessus Scanner on Ubuntu 18.04/CentOS 7


Identifying vulnerabilities is the first step towards securing your environment. Nessus is the de-facto industry standard vulnerability assessment solution. It helps to easily identify and fix vulnerabilities – including software flaws, missing patches, malware, and misconfigurations across a variety of operating systems, devices and applications.

In this tutorial, we are going to learn how to install, setup and use Nessus Professional Vulnerability on Ubuntu 18.04 LTS as well as on CentOS 7 server.

Note that Nessus is a commercial solution and in this tutorial, we are going to use a free trial version.

Download and Install Nessus

Nessus installation package can be downloaded from here. Once the download completes, run the installation as follows.

On Ubuntu 18.04

# dpkg -i Nessus-7.2.1-ubuntu1110_amd64.deb

If the installation is successful, you should see an output shown below;

...output snipped...
Unpacking Nessus Scanner Core Components...

- You can start Nessus Scanner by typing /etc/init.d/nessusd start
- Then go to https://<your-hostname>:8834/ to configure your scanner

For CentOS 7

# yum localinstall Nessus-7.2.1-es7.x86_64.rpm
...output snipped...
 Installing : Nessus-7.2.1-es7.x86_64 1/1 
Unpacking Nessus Core Components...
- You can start Nessus by typing /bin/systemctl start nessusd.service
- Then go to https://<your-hostname>:8834/ to configure your scanner

...output snipped...

Where <your-hostname> is the hostname of your machine.

Allow Nessus through Firewall

If firewall is running, you need to open Nessus port 8834 to access the web User Interface.

For Ubuntu and simillar derivatives

# ufw allow 8834
# ufw reload

For CentOS and simillar derivatives;

# firewall-cmd --add-port=8834/tcp --permanent
# firewall-cmd --reload

Start Nessus Deamon

After the installation is complete, you can start Nessus deamon by running the command below as shown in the installation output.

# /etc/init.d/nessusd start

or you can simply use the command below.

# systemctl start nessusd

To enable Nessus to start on system reboot, run the command below;

# systemctl enable nessusd

Set up and Activate Nessus

After initial installation you are required to set up and activate Nessus. Login to UI, using the link as shown in the installation output: https://<your-hostname>:8834/. When you enter that link, add the SSL error that displays as an exception and proceed.

Create Nessus Administrator Account

Next, you are required to create an admin account.

nessus login

You may also create a new Nessus user from Nessus CLI using the command below;

# /opt/nessus/sbin/nessuscli adduser

Register Nessus Scanner

Note that you need an activation code for you to register Nessus. To obtain the trail activation code, you need to register here if you have not done so.

nessus reg

Choose the Scanner Type and enter the activation code. Once the Nessus setup is complete, it will start to initialize by downloading and compiling the plugins needed for scanning. This may take a while though.

nessus init

Once initialization is complete, the Nessus dashboard is launched that looks like the one below;

nessus dash

The installation and setup is now complete and you can now embark on hunting vulnerabilities in your systems.

Learn how to scan assets/hosts using Nessus by following the link below;

How to Scan a Remote Host using Nessus Vulnerability Scanner

Other Related Tutorials

How to Install and Use Nikto Web Scanner on Ubuntu 18.04

How to Install RKHunter (RootKit Hunter) On Ubuntu 18.04

Install OpenVAS 10 (GVM) on Debian 10 Buster

Install OpenVAS 9 with PostgreSQL in Ubuntu 18.04


Please enter your comment!
Please enter your name here