Nessus is a very popular vulnerability scanner used by tens of thousands of organizations across the globe. And although Nessus doesn’t prevent attacks, it does a fantastic job of checking for vulnerabilities and loopholes in your company’s infrastructure.
With the help of this web-based GUI scanner, you can stay apprised of any issues that might arise on your network servers. I’m going to walk you through the process of installing Nessus Essentials on Rocky Linux.
Nessus Essentials can scan up to 16 IPs. If you need to scan more than that, you’ll have to purchase a license for Nessus Professional, which can scan unlimited IPs and offers plenty of other enterprise-ready features.
With that said, let’s get to the installation.
SEE: Security incident response policy (TechRepublic Premium)
What you’ll need
A running instance of Rocky Linux that is online and up to date.
A user with sudo privileges.
An activation code.
To get an activation code, head over to the Nessus products page, where you’ll be asked to register. Once you register, you’ll receive the activation code in your inbox.
With those three pieces of the puzzle at the ready, let’s get this installed.
How to install the Nessus vulnerability scanner
In the activation email, you’ll see a link to the Nessus download page. Click that link to download the rpm installer for Red Hat/CentOS 8/Oracle Linux 8.
Ah ha! If you’ve installed Rocky Linux without a desktop environment, you’ve already discovered the first issue. You can’t use that download link with wget, because you must agree to a license popup first. Because of that (if your server doesn’t have a GUI), you’ll have to download the file on another machine and use scp to copy the file like so (where XXX is the release number, USER is a remote username on Rocky Linux, and SERVER is the IP address of your Rocky Linux server):
scp Nessus-XXX.rpm USER@SERVER:/home/USER
Once you have the file saved on Rocky Linux, open a terminal window on the server, change into the directory housing the file and issue the command:
sudo rpm -i Nessus-*.rpm
After the installation completes, start and enable Nessus with:
sudo systemctl start nessusd
sudo systemctl enable nessusd
Next, you must open the firewall to the Nessus port; otherwise, you’ll only be able to access the Nessus GUI from the server. To open the port, issue the following commands:
sudo firewall-cmd --zone=public --add-port=8834/tcp --permanent
sudo firewall-cmd --reload
How to access the Nessus GUI
You can now open a browser and point it to https://SERVER:8834 (where SERVER is the IP address of the hosting server). When prompted (Figure A), select Nessus Essentials and click Continue.
In the resulting window (Figure B), click Skip because we already have an activation code.
Now paste the activation code you received via email (Figure C).
At this point, everything slows down. It will take considerable time for the installation to complete (as long as you see Downloading plugins, you should be okay). Walk away–if you don’t, you’ll assume something has gone wrong. Once Nessus hits the compilation step of the plugin installation, it might take up to an hour for this to complete.
After the installation completes, you can log in with the credentials you created and start running scans.
And that’s all there is to getting Nessus installed and running on your Rocky Linux server. Next time around, we’ll walk through the process of running scans on your systems.