What are the steps to utilize Nessus for vulnerability scanning on Ubuntu?

Nessus is a vulnerability scanning tool created by Tenable Inc. It’s a subscription-based tool that scans all ports on a computer or server for known vulnerabilities and exploits, providing reports in various formats.

Nessus uses an up-to-date database of vulnerabilities to identify potential security issues. It’s user-friendly and doesn’t require advanced knowledge of operating systems or command-line tools, making it a great tool for the reconnaissance stage of a security penetration test.

Nessus comes in three versions:

Nessus Essentials: A free version with basic tools for regular vulnerability scans.

Nessus Professional: Offers more features than the Essentials version, suitable for professional penetration testers and security experts.

Nessus Expert: The most comprehensive version, ideal for small IT departments and enterprises.

For this demonstration, we’ll use the Nessus Essentials version. The installation process is similar for all versions.

Prerequisites

Before starting this tutorial, make sure you have the following:

– A server or virtual machine running Ubuntu 22.04 (either the Desktop or Server version).

– At least 4 GB of RAM on the machine (though 8 GB is recommended for larger scans).

– A minimum of 5 GB of free space on the Ubuntu machine for installing Nessus Essentials.

– The machine should have at least a dual-core processor (4 cores minimum). More cores will speed up the scanning process.

– The processor should have a speed of 1 GHz or higher.

– (Optional) Another machine to perform the vulnerability scan on. This target machine should also run Ubuntu, have a non-root user account, and access to the root account if needed.

– A supported web browser (like Google Chrome or Mozilla Firefox). This tutorial uses Mozilla Firefox.

Now, let’s move on to the installation part of this tutorial.

Installing the Nessus Essentials Tool

Follow these steps to install Nessus Essentials on your Ubuntu machine:

Step 1: Download the Nessus Installation Package. Use the following curl command to download the Nessus installation package for Ubuntu:

# curl --request GET --url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-10.4.2-ubuntu1404_amd64.deb' --output /tmp/Nessus-10.4.2-ubuntu1404_amd64.deb

This will download the Nessus installation file to the /tmp folder.

Step 2: Use the dpkg command to install Nessus.

# dpkg -i /tmp/Nessus-10.4.2-ubuntu1404_amd64.deb

Step 3: After the installation, start the Nessus service with this command:

# /bin/systemctl start nessusd.service

Step 4: Open your browser and go to:

http://localhost:8834/

Note: Port 8834 is the default port for Nessus.

Step 5: If you see a security warning, click on “Advanced” and then “Continue” to access the Nessus interface. The warning appears because Nessus serves its web interface over HTTPS with a self-signed certificate that your browser does not yet trust; for a local install, it’s safe to proceed.

Setting Up Nessus in a Local Browser

Follow these steps to set up Nessus in your browser:

Step 1: Go to http://localhost:8834/ in your web browser to access the Nessus interface.

Step 2: On the Welcome screen, click on Nessus Essentials to continue with the free version.

If you have a subscription to Nessus Professional or Nessus Expert, you can select those options instead.

Step 3: Enter your Name and Email address to receive an activation code for Nessus Essentials.

If you already have an activation code, skip this step.

Step 4: Check your email for the activation code.

Enter the code in the activation field and continue.

Step 5: Choose a username (e.g., “Nick”) and create a strong password.

This will be your admin account for Nessus.

Step 6: Nessus will now download and install the required plug-ins.

This process might take some time, depending on your internet speed and system performance.

Step 7: Once the plug-ins are installed and a confirmation message appears, you can proceed to use Nessus.

Configuring Nessus Scan Settings to Run a Vulnerability Scan

Follow these steps to set up and run a vulnerability scan in Nessus:

Step 1: Go to the My Scans folder on the Nessus homepage. If this is your first time using Nessus, there will be no existing scans.

Step 2: Click the New Scan button in the top right corner of the dashboard.

Step 3: On the Scan Template page, you’ll see three categories:

– Discovery

– Vulnerability

– Compliance

Choose the Vulnerability category and select Basic Network Scan.

Step 4: Configure Basic Settings:

General:

– Enter the target system’s name and IP address.

– Optionally, add a description and change the folder if needed.

Schedule:

– Leave the schedule off unless you need to set a specific time for the scan.

Notifications:

– Leave this empty if you don’t need email notifications.

Step 5: Set Discovery Scope:

– Choose Common Ports to scan the most used ports for quicker results.

– Options include:

Common Ports (default)

All Ports

Custom Ports

Step 6: Configure Assessment Settings:

– Select Default to scan for basic vulnerabilities.

– Other options include:

Scan for known web vulnerabilities

Scan for all web vulnerabilities (quick)

Scan for all web vulnerabilities (complex)

Custom

Step 7: Customize Report Settings:

– Under Processing, check:

Show missing patches that have been superseded.

Hide results from plugins initiated as a dependency.

– In the Output Section, choose the format (HTML or XML) for the report.

Step 8: Set Advanced Options (Optional):

– Use Default settings for basic scans:

Scans up to 30 hosts with a 5-second timeout.

– For lower bandwidth networks, adjust settings to increase timeout and reduce the number of hosts scanned.

By following these steps, you’ll be able to run a Basic Network Scan with minimal customization, perfect for initial vulnerability assessments.

Performing a Vulnerability Scan with Nessus

Follow these steps to run a basic vulnerability scan with Nessus:

Step 1: Find the IP Address of the Target Machine.

– On your second Ubuntu machine, open the terminal.

– Type the following command to find the IP address:

# ip a | grep 'inet 192'

– Look for the IPv4 address of the form 192.xxx.xxx.xxx/24. Note down the part before /24 (the /24 is the subnet prefix, not part of the address), as this is your machine’s IP address.

Step 2: Start a New Basic Network Scan.

– On the machine with Nessus, open the Nessus interface.

– Click New Scan and select Basic Network Scan.

Step 3: Configure the Scan:

Name: Enter a name for your scan.

Description: Optionally, add a description.

Folder: Leave it set to My Scans.

Targets: Enter the IP address of your target machine.

Step 4: Set Discovery Options:

– In the Discovery section, select Port scan (standard ports) from the dropdown menu.

Step 5: Set Assessment Options:

– In the Assessment section, select Default from the dropdown menu.

Step 6: Configure Report Settings:

– In the Report section, leave all checkboxes at their default settings.

Step 7: Set Advanced Options:

In the Advanced section, keep the Scan Type set to Default.

Step 8: Save and Start the Scan:

– Click Save to save the scan configuration.

– In the My Scans folder, click the Play/Launch button next to your scan to start it.

Step 9: Review the Results:

Once the scan is complete, proceed to the next section to review the results.

Reviewing the Scan Results

Follow these steps to review your Nessus scan results:

Step 1: Open the Scan Results:

– After the scan is complete, click on the scan in the My Scans folder to view the results.

Step 2: Generate an HTML Report:

– Click the Report button in the top right corner.

– A dialog box will appear. Select HTML as the report format.

– Click Continue to download the report.

Step 3: Access the Report:

– The report will be saved in your downloads folder.

– Open the report in your browser to view the results.

Step 4: Understand the Results:

The report will display the following categories of vulnerabilities:

Critical: Serious vulnerabilities that are easily exploitable.

High: Vulnerabilities that skilled hackers can exploit.

Medium: Vulnerabilities that are harder to exploit but can be fixed with some effort.

Low: Minor issues, often related to outdated patches, requiring high expertise to exploit.

Info: General information about the machine, like hardware and operating system details.
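If you export the scan in XML instead of HTML (the Output section in Step 7 offers both), the file is a .nessus export that can be processed outside the browser. The following is an added example, not part of the original tutorial or Tenable’s own tooling: it parses a constructed .nessus (NessusClientData_v2) sample, tallies findings by the five categories above, and lists the High and Critical ones worst first. The plugin IDs and names in the sample are placeholders.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Nessus stores severity as a number on each ReportItem; these are the
# report categories it corresponds to.
SEVERITY_NAMES = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

# Constructed sample of a .nessus (NessusClientData_v2) export. Plugin IDs
# and names are placeholders, not real Nessus plugins.
SAMPLE_NESSUS = """<NessusClientData_v2><Report name="Basic Network Scan">
<ReportHost name="192.168.56.20">
<ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="900001" pluginName="Placeholder OS fingerprint" pluginFamily="General"/>
<ReportItem port="22" svc_name="ssh" protocol="tcp" severity="2" pluginID="900002" pluginName="Placeholder SSH weak cipher" pluginFamily="Misc."><cvss_base_score>5.3</cvss_base_score></ReportItem>
<ReportItem port="80" svc_name="www" protocol="tcp" severity="4" pluginID="900003" pluginName="Placeholder outdated web server" pluginFamily="Web Servers"><cvss_base_score>9.8</cvss_base_score></ReportItem>
</ReportHost>
<ReportHost name="192.168.56.21">
<ReportItem port="445" svc_name="cifs" protocol="tcp" severity="3" pluginID="900004" pluginName="Placeholder SMB signing not required" pluginFamily="Misc."/>
</ReportHost>
</Report></NessusClientData_v2>"""

def parse_findings(xml_text):
    """One dict per ReportItem: host, port, protocol, severity, category, plugin, CVSS."""
    findings = []
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            sev = int(item.get("severity", "0"))
            score = item.findtext("cvss_base_score")  # absent on Info items
            findings.append({
                "host": host.get("name"),
                "port": int(item.get("port", "0")),
                "protocol": item.get("protocol"),
                "severity": sev,
                "category": SEVERITY_NAMES.get(sev, "Unknown"),
                "plugin_id": item.get("pluginID"),
                "plugin_name": item.get("pluginName"),
                "cvss": float(score) if score else None,
            })
    return findings

def severity_counts(findings):
    """Findings per category; every category is present even when its count is 0."""
    counts = Counter(f["category"] for f in findings)
    return {name: counts.get(name, 0) for name in SEVERITY_NAMES.values()}

def triage(findings, minimum=3):
    """Findings at or above `minimum` severity (default High), worst first."""
    return sorted((f for f in findings if f["severity"] >= minimum),
                  key=lambda f: (-f["severity"], f["host"], f["port"]))
```

To run it on a real export, replace SAMPLE_NESSUS with the contents of the downloaded .nessus file and print severity_counts() and triage() of parse_findings().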

Conclusion

This guide explains how to install, set up, and use Nessus for vulnerability scanning. Nessus is a powerful tool, but it works best when set up correctly. Keep in mind that keeping your network and system secure requires more than just tools. For the best protection, combine automated tools with continuous learning and multiple layers of security.
