Installing Nessus Essentials on Kali Linux
Nessus is a powerful attack surface vulnerability scanner from Tenable.
I've seen a few walkthroughs for Nessus Essentials and this is another one, but when I came to install it, I found that with the updates to Nessus, a lot of the screenshots were out of date, so I thought I'd do a more recent walkthrough. I'm installing Nessus on a Kali Linux VM running in VMware Workstation 17 Player (I'll do another write-up for that install). I've now created a YouTube walkthrough which you can follow along with and see the install in a live demo here.
Open Firefox and browse to https://www.tenable.com/downloads/nessus - to download Nessus.
Select Version and OS platform (normally picked up by default) and click the Download button:
Accept the Licence Agreement (feel free to read it all at your leisure):
Once downloaded, open a terminal, run sudo su to switch to root (if not already), cd into the Downloads folder with cd Downloads/ and start typing the command dpkg -i nessus, then hit Tab to auto-complete the file name (if it doesn’t auto-complete, replace nessus with the full file name) and hit Enter:
Once installed, run /bin/systemctl start nessusd.service to start the Nessus service:
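The terminal steps above install a downloaded package as root, so it is worth checking the file against the SHA256 checksum Tenable lists for the download before running dpkg. The script below is an added example, not part of the original walkthrough; the script name and the function names verify_sha256 and install_nessus are made up for illustration, and the expected checksum is whatever you copy from the downloads page.

```shell
#!/usr/bin/env bash
# Added example: verify the downloaded Nessus .deb against its published
# SHA256 checksum, then install it and start the service.
# Usage (hypothetical script name): sudo ./install-nessus.sh <file.deb> <sha256>

# Return 0 only if the file's SHA256 digest equals the expected hex string.
# Returns 1 on a mismatch and 2 on bad input.
verify_sha256() {
    local file="$1" expected actual
    # Normalise the pasted value: lower-case it and strip whitespace.
    expected="$(printf '%s' "$2" | tr 'A-F' 'a-f' | tr -d '[:space:]')"
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }
    # Reject anything that is not exactly 64 hex characters.
    case "$expected" in
        *[!0-9a-f]*) echo "expected value is not hex" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "expected value is not 64 chars" >&2; return 2; }
    actual="$(sha256sum -- "$file" | cut -d' ' -f1)"
    if [ "$actual" != "$expected" ]; then
        echo "MISMATCH: got $actual" >&2
        return 1
    fi
    echo "OK: $file matches the published checksum"
}

# Verify, install and start the service; stops at the first failure.
install_nessus() {
    local deb="$1" sum="$2"
    verify_sha256 "$deb" "$sum" || return 1
    dpkg -i "$deb" || return 1
    /bin/systemctl start nessusd.service || return 1
    # Confirm the daemon is running before opening the browser.
    /bin/systemctl is-active --quiet nessusd.service
}

# Run only when both arguments are supplied.
if [ "$#" -eq 2 ]; then
    install_nessus "$1" "$2"
fi
```

If the checksum does not match, nothing is installed; download the package again rather than continuing.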
Then go back to Firefox and browse to https://kali:8834. You will need to click “Advanced…”, scroll down and then click “Accept the Risk and Continue”, as Nessus is using a self-signed certificate that cannot be verified (which is ok as it’s an internal system), to reach the Welcome page:
Click the Continue button and then select “Register for Nessus Essentials” and continue:
You will need to enter your details; this will provide a one-time activation code (which cannot be used again, so I’ve found that some non-genuine details will work fine for me here, as I already have a working version in my home lab which I registered with my real details. This install will be torn down with the lab I've created just for a specific course), then click Register:
Then click continue on the next screen:
Create a user name and password - this will be for you to log into Nessus so make sure you write down or remember these details! Then hit “Submit”:
Nessus will then download its required plugins; this could take a few minutes:
After a short wait, Nessus will open and start compiling the plugins:
Wait for the plugins to compile, indicated by this spinning update icon. This bit will take many minutes, now’s the time to grab a fresh brew, some lunch, walk the dog … you get the idea. Once it’s gone you’re good to go:
You’re taken to the My Scans page by default where you can explore or run your first scan:
Click the New Scan button in the top right of the screen and you'll be taken to the Scan Templates page. Here you'll see the extent of what Nessus can deliver. As this is the free version of Nessus, some of the templates won't be available, requiring a paid licence to run. In this free version we can scan up to 16 private IP addresses in one go.
For the installation stage, we're now done - congratulations you now have a functioning vulnerability scanner for your lab, home network or small business.
I hope you've enjoyed this walkthrough of Installing Nessus Essentials on Kali Linux, in the next post I'll do a quick walkthrough of "Running your first Nessus Scan". I've not added it here as this post is long enough as it is!
Thanks for reading.
Rich.