How to install, configure and use Nessus Vulnerability Scanner on CentOS 8
Nessus is one of the most popular remote vulnerability assessments, trusted by more than 30,000 organizations worldwide. Nessus scans the system and alerts you when it finds any vulnerabilities that malicious hackers can use to gain access. Nessus will not actively prevent attacks, it will check for security vulnerabilities in the infrastructure. It provides a detailed system security report, which will help fix any vulnerabilities and make the server more secure. There are many different versions of Nessus. In this tutorial, we will install the free version of Nessus, called Nessus Essentials, which can scan 16 IPS. Nessus is a cross-platform vulnerability scanner that supports multiple operating systems, but in this article , We will show you how to install Nessue Essentials on Centos 8.
prerequisites
A server running CentOS 8. A root password is configured on your server.
getting Started
Before starting to install Nessue, it is recommended to update your system package to the latest version. To do this, run the following command:
sudo dnf update -y
Install Nessus
For Nessue Essentials, please visit the following URL and click the download button. https://www.tenable.com/products/nessus It will redirect you to https://www.tenable.com/products/nessus/nessus-essentials Here you need to register an activation code. You will get the activation code in the registered email. Then download the Nessus package of CentOS 8.Now upload the Nessus rpm package on the server. Then use the following command to install the package.
sudo rpm -ivh Nessus-8.13.1-es8.x86_64.rpm
Start Nessus on CentOS 8
Now run the following command to start the Nessus service, enable the server at startup and check the Nessue service status by running the following command:
sudo systemctl start nessusd.servicesudo systemctl enable nessusd.servicesudo systemctl status nessusd.service
At this time, the Nessus service runs successfully on the default port 8834. After starting the installation, you need to open this port in the firewall. To do this, run the following command:
firewall-cmd --zone=public --add-port=8834/tcp --permanent
firewall-cmd --reload
Now go to your browser and enter your server name or IP and the default port of Nessus.
https://server_name_or_ip:8834/
Select Nessus Essentials and press the Continue button.
Then press the skip button,
Now, register for Nessus by entering the activation code sent to your registration email.
Next, enter the username and password you want to set up for Nessus login.
At this point, it will take some time to complete the final steps.
At this point, your Nessus installation is successfully completed.
Nessus Management Console:
After the installation is successful, you will see the Nessus login page, where you will log in with your username and password.
After logging in, you can see the dashboard of Nessus Vulnerability Scanner as shown below.
In the dashboard, click the “New Scan” button in the upper left corner of the management console. Here, you can see scan templates, some of which are paid.
In this tutorial, we will perform a basic network scan
You need to define its name and description here. Then select the folder and locate the host IP address or network range.
Configure the credentials of the remote host on the next tab,
After setting, click the save button.
Now you can run the scan by selecting the playback option as shown below.
After the scan is complete, click the “Vulnerabilities” tab to view the list of vulnerabilities found on the remote host.
To get more detailed information about each vulnerability, click on it for detailed information.
in conclusion
In the above tutorial, you learned how to install and use Nessus Vulnerability Scanner. You can explore Nessus Vulnerability Scanner and check other scan templates. You can now scan for any vulnerabilities on remote computers with Nessus Vulnerability Scanner. If you have any questions, please feel free to ask me.