Web File Browser

How to install the Nessus scanner on Debian 11 or 10

0
By on Linux


[ad_1]

Learn the commands to install or remove the Nessus vulnerability scanner on Debian 11 bullseye or 10 buster using the command terminal.

Nessus is a proprietary tool which is also available as a free edition and the main task of this tool is to scan and find vulnerabilities in systems and networks. Such as unauthorized access, weak passwords, flaws that can cause DDOS attacks, missing patches, etc. It is developed and maintained by Tenable. The vulnerability scanner platform can save the scan results in various formats such as plain text, XML, HTML, and LaTeX.

The best thing to install for Windows, Linux, macOS, and FreeBSD. It also supports configuration and compliance audits, SCADA audits, and PCI compliance. In addition to the Free Edition which can be used to scan up to 16 FPS and is suitable for personal or learning use, the Pro Editions are also available with a starting price of $ 2,990 / year.

Well, users can get started with the professional editions with a 30 Day Trail… To scan up to 50,000 hosts, the system requirements for Nessus to function properly are: four 2 GHz processors; Memory: 4 GB of RAM (8 GB of RAM recommended) and Disk space: 30 GB of free space.

Install Nessus Scanner on the Debian 11 server

The steps given here will also be the same for Debian 10, Kali Linux and Ubuntu Linux…

1. Download the Nessus Scanner Deb package

Tenable offers the Nessus scanner via the Deb binary, which the user must download from their official website to install it. So visit the Nessus download page and scroll down to find Debian Linux operating system and download it.

2. Command to install Nessus on Debian 11 or 10

We have already downloaded the Debian binary to configure Nessus on Linux, now everything we download from the browser goes into the Downloads folder, then switch to that folder first.

cd Downloads

Now use the APT package to install the file.

sudo apt install ./Nessus*_amd64.deb

3. Activate and start the analysis services

Once the installation is complete, let’s allow its service to run automatically with Debian 11 booting, and start the same for the current session as well.

sudo systemctl enable --now nessusd

To check the status, type-

sudo systemctl status nessusd

To leave- press Ctrl + C

4. Allow the Nessus port through the firewall

The Nessus works on the port number 8834, so to remotely access its web interface using the browser, we need to open this port in our Debian 11 firewall.

sudo apt-get install ufw
sudo ufw enable
sudo ufw allow 8834

5. Access the web interface

Now open a browser on a system that can access the IP address of the server where you installed the Nessus scanner instance. And indicate it with a port number.

Example– https: //Server IP address: 8834

Replace Server IP address with the real IP of your Debian 11.

To note: If you get an SSL certificate error, click the Advanced button and proceed in a dangerous manner.

6. Choose how you want to deploy Nessus – setup on Debian 11

The initial Nessus web page will ask you to select the product you want to install. Here the first product option you get is free where the rest is paid but available with a trial period.

The essentials of Nessus – The free version for teachers, students and hobbyists
Nessus Professional– The industry standard vulnerability assessment solution for security practitioners.
Nessus Manager – The enterprise solution for managing Nessus Agent at scale.
Managed scanner – Pair your scanner with another Tenable solution such as Tenable.io and Tenable. sc.

7. Get the activation code

Enter your email address and other information to get the activation code, so that we can activate the product for further use. The best way to get the code is to visit the registration page, sign up for a professional or free version to get an activation one.

After that, click on the Jump button and add the code you got on your email.

Get the NEssus activation code

Another way to activate Nessus using the command line (optional).

sudo -i
export PATH=$PATH:/opt/nessus/sbin/ 
source ~/.bashrc
service nessusd stop 
/opt/nessus/sbin/nessuscli fix --reset 
/opt/nessus/sbin/nessuscli fetch --register ACTIVATION-CODE-HERE 
/opt/nessus/sbin/nessusd -R 
service nessusd start

8. Create a user

When you are prompted to create a Nessus Admin user, create it by defining a user name and the corresponding password. After that you will have the working Nessus on your system.

Installing Nessus Scanner on Debian 11 Bullseye

9. Add the NessusCLI command to the system path

By default, to access the Nessus command line, we need to set the full path for nessuscli tool on the terminal of our Debian 11 system. To remove this we just need to add its CLI tools folder to our system path. Learn more about its command line on the official Doc page.

Run the command below in the Debian 10 0r 11 terminal: 

sudo -i
export PATH=$PATH:/opt/nessus/sbin/
source ~/.bashrc
nessuscli help

10. Uninstall Nessus from Debian 11 or 10 (optional)

If you no longer want the Nessus vulnerability scanner on your Debian 11 or 10, use the bewloc command to remove it.

sudo systemctl stop nessusd

sudo apt remove nessus 

[ad_2]

Related posts:

  1. Google Finally Shifts to “Upstream First” Linux Kernel Approach for Android Features
  2. Linux virus removal will not remove or sfc.
  3. MontaVista MVShield support now available for Rocky Linux baselines
  4. Logitech MX Keys Mini is a compact wireless keyboard for Windows, Mac and Linux
Share.

About Author

Leave A Reply