Nessus is a vulnerability management tool that helps organizations and network environments identify and address network security issues. It helps in identifying vulnerabilities, potential threats, and irregularities. It plays an important role in maintaining a strong cybersecurity posture.

Features of Nessus:

1. Vulnerability Scanning: Nessus scans network resources, systems, and applications for vulnerabilities such as configuration issues, known software vulnerabilities, and weak passwords.
2. Comprehensive Coverage: Nessus has a wide variety of operating systems, databases, applications, and networking devices, which make it suitable for a variety of IT environments.
3. Regular Updates: Nessus regularly updates its vulnerability database to keep up with the latest security threats, ensuring that organizations can identify emerging vulnerabilities.
4. Customizable Scans: Nessus allows users to create custom scan schedules, define target hosts, and tailor the scanning process to specific security requirements.
5. Real-Time Reporting: Nessus provides detailed and actionable reports highlighting identified vulnerabilities, risk levels, and suggested corrective action steps. This information helps organizations prioritize and address the most important issues.

Advantages of Nessus:

1. Proactive Defense: Nessus helps organizations identify vulnerabilities before attackers can exploit them, enabling them to take proactive security measures.
2. Comprehensive Vulnerability Detection: Nessus covers a wide range of vulnerabilities, ensuring a thorough scan and detection of potential threats.
3. Customization: Users can customize the scans to their specific needs, allowing Nessus to adapt to different networks.
4. Real-Time Reporting: Detailed and real-time reporting helps organizations understand security status and prioritize mitigation actions.
5. Support for Authenticated Scans: The certified scan provides accurate and detailed results by analyzing systems from the occupant’s perspective.

Disadvantages of Nessus:

1. Cost: Nessus offers limited free versions, but advanced features are available through paid subscriptions, which can be costly for smaller organizations.
2. Complexity: Nessus may require some expertise to properly configure and manage it, especially for larger and more complex networks.
3. False Positives: As with any vulnerability detection tool, Nessus can sometimes generate false positives, thus requiring manual verification of the findings.
4. Resource Intensive: Analyzing large networks can be resource-intensive, which affects network performance during scanning.
5. Continuous Monitoring: Nessus provides an analysis of temporal vulnerability. To maintain an up-to-date security status, organizations should conduct regular scans.

How to Install Nessus on Linux?

The below process involves downloading and installing the Nessus package on a Linux system.

Prerequisites:

• A Linux system (Ubuntu, CentOS, etc.)
• Root or sudo access

Steps to Install Nessus on Linux

Step 1. Download Nessus:

Visit the Tenable Nessus website and sign up for a Nessus Home edition account (if you don’t have one):

After signing up, you’ll receive a link to download the Nessus package and also receive an activation code. Download the appropriate package for your Linux distribution.

Step 2. Install Nessus:

After downloading the Nessus package to your Downloads directory:

• For Debian/Ubuntu:

sudo dpkg -i /path/to/Nessus-<version>-<platform>.deb

• For CentOS/RedHat:

sudo rpm -ivh /path/to/Nessus-<version>-<platform>.rpm

Note: Replace ‘<version>’ with the version number you downloaded, and ‘<platform>’ with the appropriate platform identifier.

Step 3. Start the Nessus Service:

After installation, start the Nessus service:

sudo systemctl start nessusd

Verify that the service is running by running the following command.

sudo systemctl status nessusd 

If it is disabled then run the following command to enable it.

sudo systemctl enable nessusd

Now check whether it is enabled or not.

sudo systemctl status nessusd 

Step 4. Access the Nessus Web Interface:

Open a web browser and navigate to ‘https://localhost:8834‘.

You might encounter a security warning due to the default self-signed SSL certificate used by Nessus. Accept the security risk and proceed.

Step 5. Activate Nessus:

On the Welcome to Nessus screen, select the product version, Nessus Essentials.

On the Get an activation code screen select skip, as you have previously obtained the activation code.

Enter the code to activate Nessus.

Step 6. Set Up a Username and Password:

After activation, Create a Nessus user account (username and password). This account will be used to access the Nessus web interface.

Step 7. Log in to Nessus:

Log in to the Nessus web interface using the account you just created.

Step 8. Finish the Setup:

That’s it! You now have Nessus installed and running on your Linux system. You can use the Nessus web interface to start scanning your network for vulnerabilities.

Let’s go over two practical examples of using Nessus for vulnerability scanning.

How to Use Nessus on Linux?

Example 1: Basic scan

In this example, we will perform an initial vulnerability scan on the target system using Nessus.

Step 1: Start Nessus

Verify that you have turned on the Nessus service with the following command:

sudo systemctl start nessusd

Step 2: Go to the Nessus Web Connection

Open a web browser and navigate to https://localhost:8834. Log in with your Nessus username and password.

Step 3: Create a New Scan

1. Click on the “Scans” tab in the top navigation bar.

2. Click the “New Scan” button.

3. Select the “Basic Network Scan” template.

Step 4: Configure the Scan

In the “Targets” section, enter the IP address or hostname of the target system you want to scan. You can leave other settings at their default values for this basic example.

Step 5: Start the Scan

Click the “Save” button to save the scan configuration, then click the “Launch” button to start the scan.

In this example, we started a basic network scan using Nessus. We provided the target’s IP address or hostname and used the “Basic Network Scan” template. This scan looks for common vulnerabilities in the target system.

Example 2: Create a Report

In this example, we will create a report from the results of a previous scan.

Step 1: Wait for the scan to complete

Wait for the scan to complete. Depending on the size of the target network, this can take some time.

Step 2: Access Scan Results

Once the scan is complete, go to the “Scans” tab. Click on the scan you performed earlier (“Basic Scan“).

Step 3: Generate a Report

1. In the scan details page, click the “Export” button.
2. Select the format for the report (e.g., PDF, HTML).
3. Choose the report template (e.g., “Executive Summary“).
4. Click the “Generate” button.

Step 4: Download the Report

Once the report is generated, you’ll see a link to download it. Click the link to download the report in the selected format.

In this example, we get the scan results and generate a report. Nessus offers a variety of report templates, such as “Executive Summary” and “Full Audit”.

Conclusion

In conclusion, Nessus is a powerful vulnerability management tool that can be installed on Linux systems to proactively identify and address security issues in network environments. By following the installation steps, users can set up Nessus and access its web interface to conduct vulnerability scans. It offers flexibility in scan customization, real-time reporting, and a wide range of features, making it a valuable asset for maintaining strong cybersecurity. Users can perform basic scans and generate reports to gain insights into potential vulnerabilities, thereby bolstering their organization’s security posture. However, it’s essential to be aware of its cost for advanced features, potential complexity in configuration, and the need for continuous monitoring to ensure up-to-date security status.