Nessus is a powerful vulnerability scanner used to identify potential security risks in your infrastructure. It is widely adopted by security professionals to perform network scans and detect vulnerabilities in applications, operating systems, and devices. In this guide, we will walk you through the steps to install Nessus on Ubuntu 22.04. Whether you're setting it up on a local server or using a Windows VPS UK, this tutorial will help you secure your environment.
Step 1: Download Nessus
Nessus is not available in the default Ubuntu repositories, so you need to download it from the official Tenable website. Start by visiting the Nessus downloads page, or you can use the following command to download the Nessus Debian package:
wget https://www.tenable.com/downloads/api/v1/public/pages/nessus/downloads/15694/download?i_agree_to_tenable_license_agreement=true -O Nessus-10.3.0-ubuntu2204_amd64.deb
Once the download is complete, you are ready to install Nessus on your system. This works whether you're setting it up on a local server or a VPS Windows Servers platform.
Step 2: Install Nessus
To install Nessus, run the following command:
sudo dpkg -i Nessus-10.3.0-ubuntu2204_amd64.deb
After the installation, enable and start the Nessus service:
sudo systemctl enable nessusd
sudo systemctl start nessusd
Nessus is now installed and running on your system. This setup will work on both local environments and cloud deployments like a Windows VPS hosting UK.
Step 3: Access Nessus Web Interface
Nessus provides a web interface for managing scans and reports. To access the web interface, open a browser and navigate to the following URL:
https://your-server-ip:8834/
If you're using Nessus on a Windows VPS Italy or another VPS environment, replace your-server-ip
with the public IP of your server.
The browser may show a security warning because Nessus uses a self-signed SSL certificate. You can safely bypass this warning to proceed to the Nessus setup page.
Step 4: Complete Nessus Setup
Once on the Nessus web interface, you'll be prompted to choose a product (Nessus Essentials, Professional, or Manager). For free usage, you can choose Nessus Essentials. After selecting your product, register for an activation code on the Tenable website and enter it into the setup page.
Next, Nessus will download the necessary plugins to start performing scans. This process may take a few minutes, depending on your network speed. Once the plugin download is complete, you can log in and start creating vulnerability scans.
Step 5: Configure and Run a Vulnerability Scan
After the setup is complete, log in to the Nessus web interface using the credentials you created during the setup process. To start a scan, follow these steps:
- Click on the "New Scan" button.
- Choose the type of scan (e.g., Basic Network Scan).
- Enter the target IP address or network range.
- Configure any additional settings, such as scan policies or credentials.
- Click "Launch" to start the scan.
Once the scan is complete, Nessus will generate a detailed report with identified vulnerabilities, their severity, and remediation recommendations. This functionality is invaluable for securing your network, whether hosted locally or on a VPS Windows Servers platform.
Step 6: Secure Nessus with SSL
For enhanced security, you can configure Nessus to use a valid SSL certificate instead of the self-signed one. You can use Let's Encrypt to obtain a free SSL certificate. First, install Certbot:
sudo apt install certbot
Next, run the following command to generate the SSL certificate for your domain:
sudo certbot certonly --standalone -d your-domain.com
Once the certificate is obtained, update the Nessus configuration to use the new SSL certificate and restart Nessus. This step ensures that your Nessus instance is securely accessible via HTTPS, whether on a local server or a Windows VPS hosting UK.