Nessus is a network vulnerability scanner: it probes the machines on a network and reports potential security vulnerabilities, based on a database of known vulnerabilities.
That database is updated daily, and because Nessus is modular (each test is a plugin) you can also write your own plugins.
Here is how to install Nessus (on Debian) and how to use it to scan a machine.
Nessus consists of 2 parts: the server and the client.
- The server (nessusd) performs the security tests.
- The client may be located on another machine; it asks the server to perform a security test on one or more machines.
Install both packages (Debian/Ubuntu):
sudo apt-get install nessus nessusd
We must add users to the Nessus server to allow them to carry out security tests. Run sudo nessus-adduser and answer the prompts:
- Login: enter the user name.
- Authentication: just press ENTER (this selects 'password' as the authentication method).
- Login password: enter the password for the user.
- Login password (again): enter the password a second time.
- User rules: you can leave this empty; just press CTRL + D.
- Is that ok?: confirm the creation of the user by pressing ENTER.
jak@ubuntu:~$ sudo nessus-adduser
Using /var/tmp as a temporary file holder
Add a new nessusd user
Login : john
Authentication (pass/cert) [pass] :
Login password :
Login password (again) :
nessusd has a rules system which allows you to restrict the hosts
that john has the right to test. For instance, you may want
him to be able to scan his own host only.
Please see the nessus-adduser(8) man page for the rules syntax
Enter the rules for this user, and hit ctrl-D once you are done :
(the user can have an empty rules set)
Login : john
Password : ***********
Is that ok ? (y/n) [y] y
==Starting the Nessus Server==
Start the Nessus server: sudo /etc/init.d/nessusd start
==Connecting to the Nessus Server==
Start the Nessus client (run nessus in a terminal, or use Applications Menu > Internet > Nessus on Ubuntu).
Enter the Nessus server address, the login and the password, then click "Log in".
Because the certificate of your Nessus server has not been signed by a certificate authority, the client asks how to handle it: select the first option.
The certificate is then displayed: accept it by clicking Yes.
==Using the Nessus client==
By default, the plugins that may crash the machines being tested are disabled.
(Nessus also warns you of this with a small popup window.)
You can leave the defaults as they are for a first scan.
- The Plugins tab lets you choose which tests are run.
- The Credentials tab lets you provide logins/passwords used to access the machines to test.
- The Scan options tab lets you choose which ports to test and how open ports are detected.
- The Target tab lets you choose what to test: enter the IP address or the host name of the machine to be tested.
Enter the IP address of the machine to be tested in the Target tab and click "Start the scan" at the bottom of the screen.
Let the scan run to completion.
Then click on the report to check the results (you can browse them by machine, by subnet, by port, by severity, ...).
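The client groups findings by machine, subnet, port and severity. The same grouping can be done outside the GUI on an exported report; the Nessus 2 client saves reports in the pipe-separated NBE format (results|subnet|host|port|plugin id|severity|report text). The script below is an added example, not code from the page or from the Nessus project: it parses a constructed NBE excerpt (the hosts, plugin ids and messages are made up for the demo) and produces the per-severity, per-host and per-port counts a reviewer would triage from.

```python
from collections import Counter, defaultdict

# Constructed NBE-style report (sample data, not output of a real scan).
# Field layout assumed: results|subnet|host|port|plugin id|severity|report
SAMPLE_NBE = """\
timestamps|||scan_start|Mon Jan  1 10:00:00 2007|
timestamps||192.168.1.5|host_start|Mon Jan  1 10:00:01 2007|
results|192.168.1|192.168.1.5|ssh (22/tcp)|10267|Security Note|An SSH server is running on this port.
results|192.168.1|192.168.1.5|http (80/tcp)|11213|Security Warning|The web server supports the TRACE method.
results|192.168.1|192.168.1.7|smb (445/tcp)|12345|Security Hole|The remote host is missing a critical patch.
results|192.168.1|192.168.1.7|general/tcp|10180|Security Note|The remote host is up.
timestamps||192.168.1.5|host_end|Mon Jan  1 10:05:00 2007|
"""

# Weight used to rank hosts: a Security Hole outweighs warnings and notes.
SEVERITY_WEIGHT = {"Security Hole": 3, "Security Warning": 2, "Security Note": 1}


def parse_nbe(text):
    """Return one dict per 'results' line; 'timestamps' lines are skipped."""
    findings = []
    for raw in text.splitlines():
        # The report text is the last field and may itself contain '|',
        # so split into at most 7 fields.
        fields = raw.split("|", 6)
        if fields[0] != "results" or len(fields) < 7:
            continue
        _, subnet, host, port, plugin_id, severity, report = fields
        findings.append({
            "subnet": subnet,
            "host": host,
            "port": port,
            "plugin_id": plugin_id,
            "severity": severity,
            "report": report,
        })
    return findings


def summarize(findings):
    """Counts by severity, by host (per severity) and by port."""
    by_severity = Counter(f["severity"] for f in findings)
    by_host = defaultdict(Counter)
    by_port = Counter()
    for f in findings:
        by_host[f["host"]][f["severity"]] += 1
        by_port[f["port"]] += 1
    return {
        "by_severity": dict(by_severity),
        "by_host": {h: dict(c) for h, c in by_host.items()},
        "by_port": dict(by_port),
    }


def worst_host(findings):
    """Host with the highest weighted severity score, or None if no findings."""
    score = Counter()
    for f in findings:
        score[f["host"]] += SEVERITY_WEIGHT.get(f["severity"], 0)
    return score.most_common(1)[0][0] if score else None


if __name__ == "__main__":
    found = parse_nbe(SAMPLE_NBE)
    summary = summarize(found)
    for key, table in summary.items():
        print(key)
        for name, value in table.items():
            print(f"  {name}: {value}")
    print("host to look at first:", worst_host(found))
```

Running the script prints the three tables and names the host to look at first; on the constructed sample that is 192.168.1.7, the one with the Security Hole.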
Nessus has a rights-management system (the user rules entered with nessus-adduser) that describes precisely which hosts a given user is allowed to test.
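The user rules prompted for by nessus-adduser above, and the rights management mentioned here, use the rules syntax of nessus-adduser(8): lines of the form accept <network> or deny <network>, plus a default accept or default deny line. To make the effect of a rule set visible before a user is created, here is an added example, not code from the page or from Nessus, that evaluates a constructed rule set against candidate targets. It assumes first-matching-rule-wins ordering and that an empty rule set allows every host (the page says the rules may be left empty); the rule set and addresses are made up for the demo.

```python
import ipaddress

# Constructed rule set in the nessusd rules syntax (sample, not a shipped file).
# Goal: john may scan his own workstation and the lab /16, except the 10.10.99.0/24 range.
SAMPLE_RULES = """\
# john's own host
accept 192.168.1.42/32
# the deny must come before the broader accept: first match wins (assumption)
deny 10.10.99.0/24
accept 10.10.0.0/16
default deny
"""


def parse_rules(text):
    """Parse accept/deny/default lines; '#' starts a comment."""
    rules = []
    default = "accept"  # assumption: no 'default' line means every host may be tested
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        if parts[0] == "default" and len(parts) == 2 and parts[1] in ("accept", "deny"):
            default = parts[1]
        elif parts[0] in ("accept", "deny") and len(parts) == 2:
            rules.append((parts[0], ipaddress.ip_network(parts[1], strict=False)))
        else:
            raise ValueError(f"unrecognised rule: {raw!r}")
    return rules, default


def is_allowed(target, rules, default):
    """First rule whose network contains the target decides; else the default."""
    addr = ipaddress.ip_address(target)
    for action, net in rules:
        if addr in net:
            return action == "accept"
    return default == "accept"


def check_targets(rules_text, targets):
    """Map each candidate target to True (may be scanned) or False (refused)."""
    rules, default = parse_rules(rules_text)
    return {t: is_allowed(t, rules, default) for t in targets}


if __name__ == "__main__":
    candidates = ["192.168.1.42", "192.168.1.43", "10.10.5.7", "10.10.99.3", "172.16.0.1"]
    for target, ok in check_targets(SAMPLE_RULES, candidates).items():
        print(f"{target:15} {'allowed' if ok else 'refused'}")
```

Putting the deny line before the broader accept is the point of the sample: with the order reversed, the /16 would match first and the exclusion would never apply.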
It is important to keep the list of plugins up to date so that Nessus is able to detect the latest vulnerabilities.
Run nessus-update-plugins regularly: sudo nessus-update-plugins
If you use a proxy, create the file /etc/nessus/nessus-fetch.rc
and put the address of the proxy and the login/password in it: