Installing Nessus on Kali Linux


Nessus Vulnerability Scanner is the most widely used tool during the VA (Vulnerability Assessment) phase of Ethical Hacking. Nessus supports more technologies than any other vendor, including operating systems, network devices, hypervisors, databases, tablets/phones, web servers and critical infrastructure.

Key features include:

  • High-Speed Asset Discovery
  • Vulnerability Assessment
  • Malware/Botnet Detection
  • Configuration & Compliance Auditing
  • Scanning & Auditing of Virtualized & Cloud Platforms

Nessus is a product from Tenable Network Security, which offers different editions of Nessus for different types of users.

Nessus Editions

The Nessus Home Edition is free of cost and is meant to be used for testing in a lab environment; that’s the one we are going to install on Kali Linux. Follow these simple steps.

Step #1 : Obtain the Activation Code for Nessus Scanner

The Nessus scanner requires an activation code both during its installation and to update its plugins in the future. Go to the Nessus activation code registration page and register by entering your name and e-mail address.

Check your inbox and save the Activation Code, which we will need later.

Step #2 : Download the Nessus Home Edition

Go to the Nessus Home Edition’s download page, select the OS as Linux and download the appropriate (32-bit or 64-bit) Nessus.deb package. You’ll be asked to agree to the Subscription Agreement before the download can start. The agreement says that you are liable for the consequences of the security ramifications of the tool and that you agree to use the tool for non-commercial purposes.

Step #3 : Install Nessus on Kali Linux

Once you have the Nessus.deb package on Kali Linux, install it like so:

dpkg -i Nessus_pkg.deb

Note down two things from the installation messages printed on the screen.
1. Nessus service name : nessusd
2. URL of Nessus : https://kali:8834/ (or https://localhost:8834/)

Step #4 : Start the Nessus service

The Nessus daemon is started just like any other Linux service.

service nessusd start

You can verify the status of the Nessus service like so:

service nessusd status

To make the Nessus service start at boot, run:

update-rc.d nessusd defaults

Don’t worry about the warning messages.

Step #5 : Access the Nessus Scanner

Open the web browser and enter the URL https://localhost:8834. Try to remember the Nessus scanner’s port number — 8834.

The browser will show an untrusted-connection warning, because the scanner presents a self-signed certificate. After confirming the security exception, you’ll get the Welcome page of Nessus. Click on Continue.

On the next page, you’ll be asked to set up a System Administrator account so you can log in to the scanner and perform various tasks. Enter a username and password (remember the password!). Click on Continue.

Next you’ll be asked to enter the Activation Code that you obtained in step #1 to register the product. Enter the activation code and click on Continue.

That’s it. Now Nessus will start to fetch plugins from the Nessus cloud and update its local database. Depending on your Internet speed, it’ll take a while to complete. Meanwhile, you can go to your kitchen and start preparing Coffee from Nescafe coffee beans.

After Nessus has finished downloading the latest security plugins for scanning, you can log in using the username and password you set earlier.

You will be welcomed by the Nessus Dashboard, from which you can start a scan.
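
The install and service-start steps above can be run as one script that refuses to install a package whose checksum does not match. This is an added example, not part of the original post; it assumes you copy the SHA-256 checksum shown for the package on the download page, and the function names are made up here.

```sh
#!/bin/sh
# Added example, not from the original post. Function names are illustrative.
# Assumption: you pass the SHA-256 shown for the package on the download page.
# Usage (as root): sh install-nessus.sh Nessus_pkg.deb <published-sha256>

# Succeed only if the file's SHA-256 equals the published checksum.
verify_sha256() {
    local file expected actual
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')   # accept upper-case hex
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }
    actual=$(sha256sum "$file" | awk '{print $1}')
    [ "$actual" = "$expected" ] && return 0
    echo "SHA-256 mismatch for $file: got $actual" >&2
    return 1
}

# Poll until a TCP listener appears on the given port, or give up.
wait_for_listener() {
    local port tries
    port=$1
    tries=${2:-60}
    while [ "$tries" -gt 0 ]; do
        ss -ltn | grep -q ":$port " && return 0
        tries=$((tries - 1))
        sleep 2
    done
    return 1
}

# The steps from the post, with the integrity check in front of dpkg.
install_nessus() {
    verify_sha256 "$1" "$2" || return 1
    dpkg -i "$1" || return 1
    service nessusd start || return 1
    wait_for_listener 8834 60 || { echo "nessusd is not listening on 8834" >&2; return 1; }
    # Print the bound address so exposure beyond localhost is visible
    # before the administrator account is created in the browser.
    ss -ltn | grep ":8834 "
}

# Only act when both arguments are supplied.
if [ "$#" -eq 2 ]; then
    install_nessus "$1" "$2"
fi
```

If the last line printed shows the port bound to an address other than 127.0.0.1, the setup page is reachable from the network until you finish creating the account.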

About Deepak Devanand

Seeker of knowledge