Tenable – Nessus Vulnerability Scanner
Synopsis
Tenable Nessus is a widely-used vulnerability scanner that helps organizations identify and remediate security vulnerabilities in their IT environments. The free version of Nessus, known as Nessus Essentials, offers essential vulnerability scanning capabilities for small environments and individual use.
What is Nessus
Nessus is a vulnerability assessment tool developed by Tenable, Inc. It scans systems to identify potential vulnerabilities, including missing patches, misconfigurations, and other security issues. Nessus Essentials, the free version, allows up to 16 IPs to be scanned and is ideal for personal use or small business environments.
Instructions:
Step 1: Download Nessus
1.1 Go to Tenable and find the version based on your system. In this case, we’re using Ubuntu 22.04
1.2 Select “Download by curl” and copy the command.
1.3 Change to your Downloads directory, paste the copied code, and click enter to download the package.
1.4 Install and Start Nessus Services
sudo dpkg -i .deb (This is the package name you downloaded)
sudo systemctl start nessusd.service
sudo systemctl enable nessusd.service
Step 2: Initial Setup
2.1 Open a web browser and navigate to https://localhost:8834
It will show that your connection is not private, but that’s ok. Click on “Proceed to localhost (unsafe)”
Follow the prompts to set up Nessus. You will need to create a Nessus account and enter the activation code received during registration. You’ll want to select “Register for Nessus Essentials.” Typically, it will auto-activate, and you can select “continue.”
Step 3: Creating a Scan
3.1 Log in to the Nessus web interface.
3.2 Located on the top right corner, click on “New Scan.”
Note: Before creating a scan, the plugins will need to finish updating. You can check the progress in the top right corner.
3.3 Choose a scan template. We’ll keep this example simple and run a Basic Network Scan.
3.4 Configure the scan settings, including the target IP addresses. Then save the scan.
3.5 Run the scan.
3.6 Click on the completed scan to review the summary.
3.7 Click on the Vulnerabilities tab to review the details.
Use Case:
A typical use case for Nessus Essentials is an IT administrator in a small business or a security enthusiast conducting vulnerability assessments on a limited number of devices. For example:
Small Business: A small business with a limited number of servers and workstations can use Nessus Essentials to identify vulnerabilities and ensure their systems are secure.
Security Enthusiast: An individual learning about cybersecurity (like you) can use Nessus Essentials to practice vulnerability scanning and improve their skills.
For instance, a small web development firm might use Nessus Essentials to regularly scan their development and production servers for vulnerabilities, ensuring they are patched and secure against potential threats.
Conclusion
Nessus Essentials provides powerful vulnerability scanning capabilities for free, making it an excellent choice for small environments and individual users. By using Nessus, users can proactively identify and address security vulnerabilities, enhancing their overall security posture.
References