The Nessus vulnerability scanner has been an industry favorite for years: results are easy to export, scans are easy to customize and manage, and it runs on a variety of operating systems. For this walkthrough I will be installing Nessus and configuring a scan on a Kali Linux virtual machine. I am assuming that you are savvy enough to install a Kali virtual machine (VM) or some other Linux VM. If you are not sure how to do this yet, check out this link to install a Kali VM on your Windows computer or this link to install a Kali VM on your MacBook (OSX). Follow the options to use VirtualBox, which is free and super cool virtualization software, and you will be running VMs in your own home network lab in no time.
Download Nessus here (for Kali Linux you’ll want the latest version, and it should be a .deb file).
(I am showing the MacOS and Windows versions as an example here, but for Kali, as of the date of this post, the file is "Nessus-10.5.3-ubuntu1404_amd64.deb".)
From your terminal command line, change to the folder where you downloaded the .deb file (most likely /home/youruser/Downloads) and run the ls command to ensure that the Nessus file is in this directory,
and then run the following command to install:
sudo dpkg -i Nessus*
You should see some “Pass pass pass” and “Success” messages if install went well. Start the Nessus service with this command:
sudo systemctl start nessusd
Open the Nessus web UI in your browser (by default it listens on https://localhost:8834), ignore the certificate/SSL warnings, and choose Accept the Risk and Continue.
From here you will be prompted to input your registration/activation key for Nessus. You will be on your own to register for the free version of Nessus (Nessus Essentials), but the steps are very intuitive.
Enter your e-mail and name, real or fictitious, but make sure you have access to the e-mail address you provide, because you will receive an activation key shortly.
You can also complete this step from a different operating system (like your host Windows or OSX) for ease and simplicity and then copy/paste the key into your Kali VM.
Once you have entered the key, you will be prompted to create a username and password (don’t forget to use your password manager), and Nessus will run some updates and bring you to the main user interface (UI) when it is done.
You are now ready for your very first vulnerability scan! Since we are ethical hackers you will either need to find a test site or get permission to scan any public assets before you start throwing IPs/websites into the target range and running scans. For our test purposes I am going to scan a website that I own. I encourage you to find a similar site or find a “test” site out on the Internet.
** Vulnerability scans are generally safe to run, but they can sometimes cause network issues and latency/bandwidth limitations, and occasionally they can crash services and the underlying assets. Most scanners have an “Enable Safe Checks” option, which turns the intensity down and tells the scanner to run only plugins and checks that are safe for its targets.
This is an easy-to-use and temporarily free tool, but it is a powerful tool and can definitely be abused to cause damage.
Once you are logged in and Nessus has updated and brought you to the main UI, click on “Scans” at the top left and then “Create New Scan” towards the middle of your screen. Name your scan, input the IP or website address into the Targets box, and then click Save.
You can click on “Scans” again to ensure that your created scan was saved, and from this part of the UI you can start your scan by clicking the “play” button.
Here are the results of a scan I just completed against a website that I own. It took 9 minutes, involved 1 Host, and found "17 Vulnerabilities".
Sometimes these "vulnerabilities" are really just informational output that Nessus was able to glean from the host. Don't freak out if you run this against your public IP (firewall, router, etc.) and it comes back with a lot of vulnerabilities. DO read through them, though, and try to understand what Nessus is telling you, and ensure that nothing scary is actually public-facing on the Internet.
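As an added example (not part of the original post), here is a small Python script that triages a Nessus export the way the paragraph above suggests: it reads the .nessus (XML v2) file format that Nessus exports, which is assumed here rather than shown in the post, and separates severity-0 informational items from findings that need attention, counting both per host. The embedded sample report is constructed, with placeholder host, plugin IDs and plugin names.

```python
"""Triage an exported Nessus (.nessus, XML v2) report: separate informational
items (severity 0) from findings that need attention and count them per host."""
import xml.etree.ElementTree as ET
from collections import Counter

# Nessus puts a numeric 'severity' attribute on every ReportItem:
# 0 = Info, 1 = Low, 2 = Medium, 3 = High, 4 = Critical.
SEVERITY_NAMES = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

# Constructed sample in the .nessus v2 layout; host, plugin IDs and plugin
# names are placeholders, not output of a real scan.
SAMPLE_NESSUS = """<?xml version="1.0"?>
<NessusClientData_v2><Report name="my-site">
  <ReportHost name="www.example.test">
    <ReportItem port="443" protocol="tcp" severity="0" pluginID="100001"
      pluginName="HTTP Server Type (placeholder)"><risk_factor>None</risk_factor></ReportItem>
    <ReportItem port="443" protocol="tcp" severity="2" pluginID="100002"
      pluginName="Untrusted TLS Certificate (placeholder)"><risk_factor>Medium</risk_factor></ReportItem>
    <ReportItem port="22" protocol="tcp" severity="0" pluginID="100003"
      pluginName="SSH Banner (placeholder)"><risk_factor>None</risk_factor></ReportItem>
  </ReportHost>
</Report></NessusClientData_v2>"""


def parse_nessus(xml_text):
    """Flatten every ReportItem into a dict with host, port, severity and plugin."""
    findings = []
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            findings.append({
                "host": host.get("name", ""),
                "port": int(item.get("port", "0")),
                "severity": int(item.get("severity", "0")),
                "plugin_id": item.get("pluginID", ""),
                "name": item.get("pluginName", ""),
            })
    return findings


def summarize(findings):
    """Count findings per (host, severity name) so Info items show up separately."""
    return Counter((f["host"], SEVERITY_NAMES.get(f["severity"], "Unknown"))
                   for f in findings)


def actionable(findings, min_severity=1):
    """Findings at or above min_severity, highest first; Info (0) is dropped."""
    return sorted((f for f in findings if f["severity"] >= min_severity),
                  key=lambda f: (-f["severity"], f["host"], f["port"]))
```

Run `parse_nessus` on the text of your own export, then `summarize` it to see how many of the reported "vulnerabilities" are just Info items, and `actionable` to get the list worth reading first.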
** Nessus updates its UI all the time. Buttons, features, and instructions may not be exact as of the date of this post. In general, the Nessus UI is intuitive and easy to figure out; play with it a little and you will get the hang of where to find things <3
Congratulations! You have just completed a vulnerability scan. You have now done the following:
Set up the free version of a professional, commercial vulnerability scanner;
Completed a vulnerability scan in a legal and ethical manner;
Obtained the knowledge and hands-on experience to set up what I believe is one of the basics of a vulnerability management process.
You can now take this knowledge and put it to use within your home network as well as monitor assets that you choose to put on the public Internet.