How to install and use Nessus - the network vulnerability scanner

Wed, Nov 29, 2006

Nessus is a great tool for scanning machines on your network looking for potential vulnerabilities. It’s easy to install on Ubuntu and fairly easy to use. From their site:

Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

To install it, you can either open synaptic and install ‘nessus’ and ‘nessusd’ or in a terminal session type:

sudo apt-get install nessus nessusd

Once it’s installed, open up a terminal session and do the following:

sudo nessus-adduser

Now you can add yourself as a nessus user. You’ll be prompted to enter a username, and then hit enter for the pass phrase and create a Login Password.

You’ll be prompted to add some rules. You can add rules to allow users to only look at certain hosts. For yourself, you can have a blank rules file. Simply hit CTRL-D.

You’ll be able to double check what you’ve entered and then OK it.

You’ll have to do a few more things in your terminal session to get this to work. First, let’s set up a link to have Nessus start when your PC does.

sudo ln -fs /etc/init.d/nessusd /etc/rc2.d/S20nessusd

Now we’ll start the daemon.

sudo /etc/init.d/nessusd start

Once you’ve done that, you can type nessus to launch it.

This will bring you to the Nessusd Host window. Make sure you’re username is correct, enter your password and click the Log In button.

For basic use, once you’re logged in, click the Target tab. Enter a target.

Click Start the Scan. Nessus will do it’s thing, and return with a report.

If you’d like to add a shortcut to your Applications menu, then right click on Applications and choose ‘Edit Menus’

Select System Tools and click New Item. Click the Icon button and browse to /usr/share/pixmaps/nessus.xpm to select the Nessus Icon. The rest should look like this: