Using Nessus for Vulnerability Scanning on Ubuntu 22.04 Desktop: A Step-by-Step Guide

Introduction

Nessus, developed by Tenable Incorporation, is a powerful Vulnerability Scanning Tool. It scans computer/server ports for known vulnerabilities and provides detailed reports. This tool is user-friendly and doesn’t demand advanced OS knowledge or command line expertise. It’s a valuable asset in the Reconnaissance/Enumeration stage of Security Penetration Tests.

Nessus comes in three tiers, each offering different sets of tools:

1. Nessus Essentials: The free version with essential tools for regular vulnerability scans.
2. Nessus Professional: Offers more functionalities than the free version, suitable for Professional Penetration Testers and security practitioners.
3. Nessus Expert: The complete set of functionalities ideal for IT departments of small enterprises.

In this tutorial, we’ll use the Nessus Essentials version, but the installation process is similar for all versions.

Prerequisites

Before we proceed, ensure you meet the following requirements:

• A server or virtual machine running Ubuntu 22.04 (Desktop Distro or Server).
• Minimum of 4 GB RAM (8 GB recommended).
• At least 5 GB of available space for installing Nessus Essentials.
• Four dual-core processors or more (additional cores speed up tests).
• Processor speed of 1 GHz or higher.
• Non-root user account for secure practices.
• (Optional) Another Ubuntu machine for performing vulnerability scans.
• Supported browser (Google Chrome, Mozilla Firefox) installed.

Now, let’s move on to the installation process.

Step 1: Installing the Nessus Essentials Tool

Once you’ve ensured that your system meets the prerequisites, follow these steps to install the Nessus Tool on your Ubuntu machine.

1.1. Download the Installation Package:

Open a terminal window and use the following command to download the installation package for Ubuntu machine:

sudo curl --request GET --url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-10.4.2-ubuntu1404_amd64.deb' --output /tmp/'Nessus-10.4.2-ubuntu1404_amd64.deb'

This command downloads the Nessus installation files to the /tmp folder.

1.2. Install Nessus:

Next, install Nessus using the dpkg package manager:

sudo dpkg -i /tmp/Nessus-10.4.2-ubuntu1404_amd64.deb

This command installs Nessus on your Ubuntu system.

1.3. Start the Nessusd Service:

After the installation, restart the Nessusd service by running:

sudo /bin/systemctl start nessusd.service

1.4. Access Nessus via Browser:

You can now access Nessus through your browser using the following address:

http://localhost:8834/

Note: Port 8834 is the default port for Nessus.

Please be aware that in most browsers, you may receive a security pop-up asking you to go back. This is normal and safe. Click on “Advanced” and then proceed to the website. This step ensures a secure connection to Nessus.

Step 2: Setting up Nessus in Your Local Browser

Now that we’ve successfully installed Nessus, let’s proceed with configuring it in a local browser and installing the required plug-ins.

2.1. Welcome Screen:

Upon reaching the Welcome screen, select “Nessus Essentials” to continue with the free tier. If you have a subscription for the Professional or Expert tier, you can choose the relevant option. The installation process remains similar for all tiers.

2.2. Provide User Information:

You’ll be prompted to enter your Name and Email address to receive an activation code for your Nessus Essentials. If you already have an activation code, you can skip this step. Otherwise, provide your details to receive the code in your submitted email.

2.3. Enter Activation Code:

Once you receive the code, enter it in the activation code block.

2.4. Create Administration Account:

Next, create an administration account by choosing a username and setting a strong password. For example, in this tutorial, we’ll use the username “Teckassist”.

2.5. Installing Plug-ins:

Nessus will now start installing the necessary plug-ins. Depending on your internet connection and processor capabilities, this process may take some time. Once you receive the notification that plug-ins have been installed and compiled successfully, you can proceed to the next step.

Step 3: Configuring Nessus Scan Settings for Vulnerability Scanning

Now that Nessus is successfully installed, we can begin running scans on target systems for reconnaissance purposes. Follow these steps:

3.1. Access My Scans:

Navigate to the “My Scans” folder on the Nessus homepage. If this is your first time using Nessus, there won’t be any existing scans.

3.2. Create a New Scan:

Click on the “New Scan” button located in the top right corner of your dashboard.

3.3. Select Scan Category:

You will be directed to the Scan Template page, which presents three major categories of Scans: Discovery, Vulnerability, and Compliance. For this tutorial, we’ll focus on the “Vulnerability” category.

3.4. Basic Network Scan:

Select “Basic Network Scan” to proceed.

Configuration Settings of the Scan:

Basic:

• General: Provide the target system’s name and IP address. Optionally, add a description and choose a folder. In this tutorial, the description states “This scan is used for demonstration purposes”. Ensure to enter the IP address of your target Ubuntu machine.
• Schedule: Leave this option turned off, as we won’t be scheduling any scans in this tutorial.
• Notifications: This is optional. Add email addresses to receive scan notifications. For this tutorial, we won’t set up email notifications.

Discovery:

• Choose the scope of your scan. For a Basic Network Scan, it’s not necessary to scan all 65535 ports. We’ll stick to “Standard Ports” for efficiency.

Assessment:

• Select the vulnerabilities to assess. For a Basic Network Scan, “Default” suffices. Nessus will employ the best methods for stealth and enumeration.

Report:

• Customize the report. Under “Processing”, select “Show missing patches that have been superseded” and “Hide results from plugins initiated as a dependency” for a comprehensive report. Choose output format (HTML or XML) as needed.

Advanced:

• These options are for more advanced scans. For our Basic Network Scan, keep the settings at default.

With these settings, we’re ready to perform a Basic Network Scan. Adjust options as needed for specific scenarios, but for this tutorial, these configurations will suffice. Remember, more advanced settings may be required for professional and active scans.

Step 4: Performing a Vulnerability Scan with Nessus

With the scan configurations in place, let’s perform a dummy scan on a similar Ubuntu machine as used in previous sections.

1. Get the IP Address:

On the second machine, open a terminal and type the following command to obtain the IP address:

ip a | grep 'inet 192'

Identify the IP address that ends with 192.###.###.###/24. Note down the values before the /; this is your IP address.

2. Start a New Scan:

On the machine with Nessus, start a new Basic Network Scan as shown in the previous section. Provide a name and optional description. Leave the folder as “My Scans”.

3. Set Targets:

In the Targets section, enter the IP address of your target machine.

4. Configure Scan Settings:

• Discovery: Choose “Port scan (standard ports)” from the dropdown menu.
• Assessment: Select “Default” from the dropdown menu.
• Report: Leave all checkboxes at their default selections for this basic scan.
• Advanced: Keep the Scan Type as “Default”.

4. Save and Launch the Scan:

Save the scan by clicking on “Save”, and you will be redirected to the “My Scans” folder. There, click on the “Play/Launch” button in front of the scan.

Once the scan is completed, proceed to the next section where we will review the results.

Step 5: Reviewing the Scan Results

After the scan is completed, click on it to access the results section. You can generate an HTML report of the scan results by clicking the “Report” button in the top right corner. Choose HTML and proceed. The report will be downloaded to your downloads folder. Opening it in your browser will display a page like the one below.

Nessus will present all the results and information gathered from the scan. There are five categories of results:

• Critical: Vulnerabilities that are critical or easily exploitable.
• High: Vulnerabilities that experienced hackers can exploit.
• Medium: These vulnerabilities are usually not easily exploitable and can be fixed with effort.
• Low: These vulnerabilities include standard patches that are not updated, etc. Exploiting such vulnerabilities requires a high level of skill.
• Info: This section provides basic information about the machine, such as its hardware and operating system details.

Conclusion

This article has provided a detailed, step-by-step guide for installing Nessus on Ubuntu 22.04 and using it to scan another Ubuntu 22.04 target machine. We’ve also explained the results provided by a Basic Network Scan and demonstrated how to export them as an HTML report.

For those looking to further their understanding of Nessus, consulting the Nessus Documentation is highly recommended. Additionally, gaining a solid understanding of Computer Networking is crucial for anyone looking to delve deeper into the field of Cyber Security. This could be the next step for those aspiring to enter the world of Cyber Security.