How to Install Nessus and Run Vulnerability Scans
- Overview
- Registration
- Download and installation
- Connect to server
- Featured detections
- Types of Network Scans
- Conclusion
Nessus is a tool developed by Tenable that scans for security vulnerabilities in devices, operating systems, cloud-based services, applications and other network-related components. Nessus conducts vulnerability assessments that help users harden their security infrastructure by identifying system flaws, missing patches, malware, misconfigurations and similar issues.
This README.md will give a general overview of Tenable Nessus.
We will be using Nessus Essentials because it is Tenable's free vulnerability assessment solution. After pressing "Get Started" to register, an activation code will be sent to the submitted email.
The next page will prompt you to press the download button to go to the Download page.
https://www.tenable.com/products/nessus/nessus-essentials
Select your version and platform/flavor of Nessus to download and install.
1.) After installation, the browser will open up a localhost SSL server page that uses port 8834.
- Note: It is a good idea to bookmark or save the address in a safe place because it is easy to forget.
2.) Connect via SSL and the service will start to initialize.
3.) Select "Nessus Essentials"
4.) After entering contact information, select "Skip" since we already received an activation code via email.
5.) Enter the activation code and continue.
6.) Create a username/password for your account and then press submit. Nessus will finish up configurations.
This is the main page of Nessus Essentials. All scans are placed here unless moved into a folder.
Nessus offers different templates that cover 3 vulnerability scanner categories: Discovery, Vulnerabilities, and Compliance.
- Uncredentialed: Does not utilize privileged credentials. Limited in scope but can still identify basic vulnerabilities.
- Credentialed: Utilizes privileged credentials to provide a more in-depth analysis with accurate results.
I have attached examples of conducted scans from my macOS device. They showcase how much more information can be acquired from a credentialed scan compared to an uncredentialed scan.
Note: Scans took place a month apart from each other to show how quickly vulnerabilities can manifest.
- Found vulnerabilities: 49
- 2 CVSS
- 47 of the vulnerabilities are informational, which are actually facts rather than vulnerabilities.
- Found vulnerabilities: 52
- 5 CVSS
- 47 of the vulnerabilities are informational, which are actually facts rather than vulnerabilities.
Credentialed scans have a leg up on uncredentialed scans due to the privileged access they have to machines. Nessus provides remediations for known CVEs when credentialed scans are conducted.
Note: I have applied remediations to my device to make it vulnerability free.
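To triage results like the ones above outside the web UI, the following added example (not part of the original README and not Tenable's code) summarizes two CSV exports and lists what only the credentialed scan found. It assumes the export uses the `Plugin ID`, `Risk` and `Host` columns with `Risk` set to `None` for informational plugins; all sample rows, plugin IDs and CVE placeholders are constructed.

```python
import csv
import io
from collections import Counter

# Constructed sample exports. The column layout is an assumption modeled on a
# Nessus CSV report; every plugin ID, name, score and CVE below is made up.
UNCREDENTIALED_CSV = """Plugin ID,CVE,CVSS v2.0 Base Score,Risk,Host,Name
900001,,,None,192.0.2.10,Example OS identification
900002,,,None,192.0.2.10,Example service detection
900003,,5.0,Medium,192.0.2.10,Example weak TLS configuration
900004,,6.4,Medium,192.0.2.10,Example untrusted certificate
"""

CREDENTIALED_CSV = UNCREDENTIALED_CSV + """900005,CVE-0000-0001,7.2,High,192.0.2.10,Example missing OS patch
900006,CVE-0000-0002,9.3,High,192.0.2.10,Example outdated browser
900007,,,None,192.0.2.10,Example installed software list
"""


def load(text):
    """Parse one CSV export into a list of row dicts."""
    return list(csv.DictReader(io.StringIO(text)))


def summarize(rows):
    """Split findings into informational (Risk 'None') and scored ones."""
    counts = Counter(row["Risk"] for row in rows)
    informational = counts.pop("None", 0)
    return {"total": len(rows),
            "informational": informational,
            "scored": dict(counts)}


def only_in_second(first, second):
    """Return findings (host + plugin) present in `second` but not `first`."""
    seen = {(row["Host"], row["Plugin ID"]) for row in first}
    return [row for row in second
            if (row["Host"], row["Plugin ID"]) not in seen]


if __name__ == "__main__":
    uncred, cred = load(UNCREDENTIALED_CSV), load(CREDENTIALED_CSV)
    print("uncredentialed:", summarize(uncred))
    print("credentialed:  ", summarize(cred))
    for row in only_in_second(uncred, cred):
        if row["Risk"] != "None":  # skip informational plugins
            print("credentialed only:", row["Risk"], row["Name"], row["CVE"])
```
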
Tenable Nessus is one of the many vulnerability scanner services available on the market. Whether for personal or business use, scanners are essential for protecting assets. Risk, threat, and vulnerability management is a key element in the world of security.