{"id":69,"date":"2023-02-06T12:32:25","date_gmt":"2023-02-06T12:32:25","guid":{"rendered":"https:\/\/oneboxinthecloud.com\/?p=69"},"modified":"2024-09-09T11:36:25","modified_gmt":"2024-09-09T11:36:25","slug":"nessus-tool-for-vulnerability-scan","status":"publish","type":"post","link":"https:\/\/oneboxinthecloud.com\/index.php\/2023\/02\/06\/nessus-tool-for-vulnerability-scan\/","title":{"rendered":"Nessus tool for Vulnerability scan"},"content":{"rendered":"\n<p>Nessus is a vulnerability scanner tool that is used to check security compliance of the hosts.<\/p>\n\n\n\n<p>I\u2019ll be installing the free version of Nessus, i.e. Nessus Essentials, on an Ubuntu VM.<br>I have installed Ubuntu 22.04 and assigned a static IP to it.<\/p>\n\n\n\n<p>Nessus bits are available here <br><a href=\"https:\/\/www.tenable.com\/downloads\/nessus?loginAttempted=true\">https:\/\/www.tenable.com\/downloads\/nessus?loginAttempted=true<\/a><\/p>\n\n\n\n<p>Please download the appropriate file for the OS in your lab. In my case I have used Nessus-10.3.0-ubuntu1404_amd64.deb.<br><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"888\" height=\"71\" src=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/DownloadBitsForUbuntu.png\" alt=\"\" class=\"wp-image-70\" srcset=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/DownloadBitsForUbuntu.png 888w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/DownloadBitsForUbuntu-300x24.png 300w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/DownloadBitsForUbuntu-768x61.png 768w\" sizes=\"auto, (max-width: 888px) 100vw, 888px\" \/><\/figure>\n\n\n\n<p>To complete the Nessus installation, an activation code is needed. 
You can get the activation code from the same link above.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"615\" height=\"114\" src=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/GetActivationCode.png\" alt=\"\" class=\"wp-image-71\" srcset=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/GetActivationCode.png 615w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/GetActivationCode-300x56.png 300w\" sizes=\"auto, (max-width: 615px) 100vw, 615px\" \/><\/figure>\n\n\n\n<p>Click on Get Activation Code.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"929\" height=\"115\" src=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/RegisterForActivationCode.png\" alt=\"\" class=\"wp-image-72\" srcset=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/RegisterForActivationCode.png 929w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/RegisterForActivationCode-300x37.png 300w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/RegisterForActivationCode-768x95.png 768w\" sizes=\"auto, (max-width: 929px) 100vw, 929px\" \/><\/figure>\n\n\n\n<p>Enter the necessary details like Name &amp; Email id to get the activation code. 
In my case I have selected Nessus Essentials.<\/p>\n\n\n\n<p>To install Nessus, copy the bits onto the Ubuntu VM.<br>root@ubuntu:\/home\/ubuntu# ls | grep Nessus*<br>Nessus-10.3.0-ubuntu1404_amd64.deb<br>root@ubuntu:\/home\/ubuntu#<\/p>\n\n\n\n<p><strong>Run the installation command<\/strong><\/p>\n\n\n\n<p>root@ubuntu:\/home\/ubuntu# apt install -f .\/Nessus-10.3.0-ubuntu1404_amd64.deb<br>Reading package lists&#8230; Done<br>Building dependency tree&#8230; Done<br>Reading state information&#8230; Done<br>Note, selecting &#8216;nessus&#8217; instead of &#8216;.\/Nessus-10.3.0-ubuntu1404_amd64.deb&#8217;<br>The following NEW packages will be installed:<br>nessus<br>0 upgraded, 1 newly installed, 0 to remove and 50 not upgraded.<br>Need to get 0 B\/53.3 MB of archives.<br>After this operation, 0 B of additional disk space will be used.<br>Get:1 \/home\/ubuntu\/Nessus-10.3.0-ubuntu1404_amd64.deb nessus amd64<br>Selecting previously unselected package nessus.<br>(Reading database &#8230; 162782 files and directories currently installed.)<br>Preparing to unpack &#8230;\/Nessus-10.3.0-ubuntu1404_amd64.deb &#8230;<br>Unpacking nessus (10.3.0) &#8230;<br>Setting up nessus (10.3.0) &#8230;<br>Unpacking Nessus Scanner Core Components&#8230;<br>Created symlink \/etc\/systemd\/system\/nessusd.service \u2192 \/lib\/systemd\/system\/nessusd.service.<br>Created symlink \/etc\/systemd\/system\/multi-user.target.wants\/nessusd.service \u2192 \/lib\/systemd\/system\/nessusd.service.<br>&#8211; You can start Nessus Scanner by typing \/bin\/systemctl start nessusd.service<br>&#8211; Then go to https:\/\/ubuntu:8834\/ to configure your 
scanner<br>root@ubuntu:\/home\/ubuntu#<\/p>\n\n\n\n<p><strong>Start Nessus Scanner by typing \/bin\/systemctl start nessusd.service<\/strong><br>root@ubuntu:\/home\/ubuntu# \/bin\/systemctl start nessusd.service<\/p>\n\n\n\n<p><strong>Check the status of the Nessus service<\/strong><br>root@ubuntu:\/home\/ubuntu# systemctl status nessusd.service<br>nessusd.service &#8211; The Nessus Vulnerability Scanner<br>Loaded: loaded (\/lib\/systemd\/system\/nessusd.service; enabled; vendor prese&gt;<br>Active: active (running) since Thu 2022-09-08 02:40:43 EDT; 1min 17s ago<br>Main PID: 136434 (nessus-service)<br>Tasks: 14 (limit: 1084)<br>Memory: 66.5M<br>CPU: 35.330s<br>CGroup: \/system.slice\/nessusd.service<br>\u251c\u2500136434 \/opt\/nessus\/sbin\/nessus-service -q<br>\u2514\u2500136435 nessusd -q<br>Sep 08 02:40:43 ubuntu systemd[1]: Started The Nessus Vulnerability Scanner.<br>root@ubuntu:\/home\/ubuntu#<\/p>\n\n\n\n<p><strong>Go to https:\/\/UbuntuVM_IP:8834\/ to configure your scanner<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"359\" height=\"531\" src=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/Nessus-Configure-2.png\" alt=\"\" class=\"wp-image-73\" srcset=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/Nessus-Configure-2.png 359w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/Nessus-Configure-2-203x300.png 203w\" sizes=\"auto, (max-width: 359px) 100vw, 359px\" \/><\/figure>\n\n\n\n<p>Select the Nessus version; in my case it is Nessus Essentials. 
Click Continue.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"327\" height=\"422\" src=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/Nessus-Configure-4.png\" alt=\"\" class=\"wp-image-74\" srcset=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/Nessus-Configure-4.png 327w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/Nessus-Configure-4-232x300.png 232w\" sizes=\"auto, (max-width: 327px) 100vw, 327px\" \/><\/figure>\n\n\n\n<p>Enter the Activation Code &amp; click Continue.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"315\" height=\"468\" src=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/Nessus-Configure-5.png\" alt=\"\" class=\"wp-image-75\" srcset=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/Nessus-Configure-5.png 315w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/Nessus-Configure-5-202x300.png 202w\" sizes=\"auto, (max-width: 315px) 100vw, 315px\" \/><\/figure>\n\n\n\n<p>Create an administrator user account &amp; click Submit.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"314\" height=\"355\" src=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/Nessus-Configure-6.png\" alt=\"\" class=\"wp-image-76\" srcset=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/Nessus-Configure-6.png 314w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/Nessus-Configure-6-265x300.png 265w\" sizes=\"auto, (max-width: 314px) 100vw, 314px\" \/><\/figure>\n\n\n\n<p>Nessus configuration will continue. 
Let it complete.<\/p>\n\n\n\n<p>After initialization is complete, log in to Nessus with the administrator account.<\/p>\n\n\n\n<p>Click on the Settings tab; it\u2019ll give details about the installed version.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"269\" src=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusSettingsPage-1024x269.png\" alt=\"\" class=\"wp-image-77\" srcset=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusSettingsPage-1024x269.png 1024w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusSettingsPage-300x79.png 300w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusSettingsPage-768x202.png 768w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusSettingsPage-1536x403.png 1536w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusSettingsPage.png 1711w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Scans can be initiated from the Scans tab: click on +New Scan.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"86\" src=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage1-1024x86.png\" alt=\"\" class=\"wp-image-78\" srcset=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage1-1024x86.png 1024w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage1-300x25.png 300w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage1-768x64.png 768w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage1-1536x129.png 1536w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage1.png 1727w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>From the Scan templates, select a scan template as per your 
requirement<br>Basic Network Scan or Advanced Scan<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"671\" height=\"524\" src=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage2.png\" alt=\"\" class=\"wp-image-79\" srcset=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage2.png 671w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage2-300x234.png 300w\" sizes=\"auto, (max-width: 671px) 100vw, 671px\" \/><\/figure>\n\n\n\n<p>Enter settings for the host to be scanned, like Name and Target(s).<br><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"915\" height=\"647\" src=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage3.png\" alt=\"\" class=\"wp-image-80\" srcset=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage3.png 915w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage3-300x212.png 300w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage3-768x543.png 768w\" sizes=\"auto, (max-width: 915px) 100vw, 915px\" \/><\/figure>\n\n\n\n<p>Enter Credentials \u2013 I have used SSH &amp; Authentication method as password &amp; entered the username &amp; password of the Target to be scanned.<br>You can also consider using SOAP API credentials.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"936\" height=\"362\" src=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage4.png\" alt=\"\" class=\"wp-image-81\" srcset=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage4.png 936w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage4-300x116.png 300w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage4-768x297.png 768w\" 
sizes=\"auto, (max-width: 936px) 100vw, 936px\" \/><\/figure>\n\n\n\n<p>In the Plugins tab, all the plugins are enabled by default.<br>You can enable\/disable them as per your requirement.<br><br>Click on Launch.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"752\" height=\"962\" src=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage5.png\" alt=\"\" class=\"wp-image-82\" srcset=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage5.png 752w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage5-235x300.png 235w\" sizes=\"auto, (max-width: 752px) 100vw, 752px\" \/><\/figure>\n\n\n\n<p>After the scan is complete, the results can be seen by opening the scan results.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"291\" src=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage6-1024x291.png\" alt=\"\" class=\"wp-image-83\" srcset=\"https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage6-1024x291.png 1024w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage6-300x85.png 300w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage6-768x218.png 768w, https:\/\/oneboxinthecloud.com\/wp-content\/uploads\/2023\/02\/NessusScanPage6.png 1535w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>The vulnerabilities are classified as Critical, High, Medium, Low, Info.<br>You can click on each vulnerability to get more details about it &amp; remediation details.<\/p>\n\n\n\n<p>If you use Nessus Professional or a higher version, you can even find out the compliance-related pointers.<\/p>\n\n\n\n<p>I hope this data will help you secure your software stack.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Nessus is a vulnerability scanner tool that is used to 
check security compliance of the hosts. I\u2019ll be installing the free version of Nessus, i.e. Nessus Essentials, on an Ubuntu VM. I have installed Ubuntu 22.04 and assigned a static IP to it. Nessus bits are available here https:\/\/www.tenable.com\/downloads\/nessus?loginAttempted=true Please download the appropriate file for the OS in your lab. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_mi_skip_tracking":false,"footnotes":""},"categories":[6],"tags":[],"class_list":["post-69","post","type-post","status-publish","format-standard","hentry","category-labassist"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/oneboxinthecloud.com\/index.php\/wp-json\/wp\/v2\/posts\/69","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/oneboxinthecloud.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/oneboxinthecloud.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/oneboxinthecloud.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/oneboxinthecloud.com\/index.php\/wp-json\/wp\/v2\/comments?post=69"}],"version-history":[{"count":4,"href":"https:\/\/oneboxinthecloud.com\/index.php\/wp-json\/wp\/v2\/posts\/69\/revisions"}],"predecessor-version":[{"id":87,"href":"https:\/\/oneboxinthecloud.com\/index.php\/wp-json\/wp\/v2\/posts\/69\/revisions\/87"}],"wp:attachment":[{"href":"https:\/\/oneboxinthecloud.com\/index.php\/wp-json\/wp\/v2\/media?parent=69"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/oneboxinthecloud.com\/index.php\/wp-json\/wp\/v2\/categories?post=69"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/oneboxinthecloud.com\/index.php\/wp-json\/wp\/v2\/tags?post=69"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}