How to Self-Host Nessus on Ubuntu 24.04: A Comprehensive Guide
Unlock the potential of self-hosting with Nessus, the powerful network scanning tool developed by Tenable. In this guide, we’ll explore how to install and configure Nessus on an Ubuntu 24.04 server, enabling you to conduct vulnerability assessments and maintain robust security for your network. Ready to dive in? Let’s get started!
What You Need Before You Start
To ensure a smooth installation process, make sure you have:
- An Ubuntu 24.04 Server
- A non-root user with administrator privileges
Installing Nessus via DEB File
To install Nessus on your Ubuntu system, you’ll first need to download the DEB file and install it using the ‘dpkg’ command. Here’s how:
Step 1: Download Nessus
Use the following command to download the Nessus DEB file. Always visit the Nessus download page to get the latest version:
curl --request GET --url 'https://download.tenable.com/downloads/nessus/Nessus-10.8.3-ubuntu1604_amd64.deb' --output 'Nessus-10.8.3-ubuntu1604_amd64.deb'
Step 2: Install Nessus
After downloading, run the next command to install Nessus:
sudo dpkg -i Nessus-10.8.3-ubuntu1604_amd64.deb
Step 3: Start the Nessus Service
Once the installation is complete, you’ll need to start the Nessus service using the command below:
sudo systemctl enable --now nessusd
Check the service status to ensure it is running:
sudo systemctl status nessusd
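A check worth running between Steps 1 and 2, shown here as an added example rather than commands from the original guide: compare the downloaded file's SHA-256 with the checksum listed for that file on the Tenable download page, and install only on a match. The function names are hypothetical, and the digest in the usage comment is a placeholder you must replace.

```bash
#!/usr/bin/env bash
# Added example (not part of the original guide): verify a downloaded .deb
# against a published SHA-256 digest before handing it to dpkg.

# Compare a file's SHA-256 with an expected hex digest.
# Returns 0 on match, 1 on mismatch, 2 on missing file or malformed digest.
verify_sha256() {
    local file=$1 expected=$2 actual
    [ -f "$file" ] || return 2
    # Lowercase the expected value, then require exactly 64 hex characters so
    # an empty or truncated digest can never be accepted.
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    case $expected in
        ''|*[!0-9a-f]*) return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || return 2
    actual=$(sha256sum -- "$file" | cut -d' ' -f1)
    [ "$actual" = "$expected" ]
}

# Install the package only if its digest matches; refuse otherwise.
install_verified_deb() {
    local deb=$1 expected=$2
    if verify_sha256 "$deb" "$expected"; then
        sudo dpkg -i "$deb"
    else
        echo "refusing to install $deb: SHA-256 check failed" >&2
        return 1
    fi
}

# Usage (placeholder digest; copy the real value from the download page):
#   install_verified_deb Nessus-10.8.3-ubuntu1604_amd64.deb '<sha256-from-download-page>'
```

A mismatch usually means a truncated download or an error page saved in place of the package; delete the file and download it again rather than installing it.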
Configuring UFW (Uncomplicated Firewall)
With Nessus running, it’s time to configure your firewall to allow necessary connections.
Step 4: Open Ports for Nessus
Run these commands to allow OpenSSH access and open TCP port 8834 for the Nessus dashboard. As written, the second rule accepts connections to the dashboard from any source address:
sudo ufw allow OpenSSH
sudo ufw allow 8834/tcp
Enable UFW and confirm the settings:
sudo ufw enable
sudo ufw status
Setting Up the Nessus Installation Wizard
After configuring the firewall rules, you can proceed to set up Nessus via your web browser.
Step 5: Access the Nessus Wizard
Navigate to https://
Step 6: Complete Registration and Configuration
Register with Tenable by entering your name and email address. An activation code will be sent to your email. Create a username and password for accessing the Nessus dashboard.
Once logged in, Nessus will begin downloading the necessary plugins. Should the plugin installation fail, you can manually install them using the following commands:
cd /opt/nessus/sbin
sudo ./nessuscli update
Adding Nessus to System PATH
To simplify command-line usage, add Nessus to your system PATH:
Step 7: Modify .bashrc
Open the .bashrc file:
vim ~/.bashrc
Append the following line to include the Nessus paths:
export PATH=$PATH:/opt/nessus/bin:/opt/nessus/sbin
Save and close the file, then run:
source ~/.bashrc
echo $PATH
Scanning with Nessus
Now, you’re ready to perform scans and generate reports!
Step 8: Create a New Scan
From the Nessus dashboard, click the “New Scan” button. Select the “Basic Network Scan” template and enter details such as the scan name, description, and target IP addresses.
After creating the scan, hit the play button to start scanning.
Step 9: Generating Reports
Once the scan is complete, navigate to the “Reports” section to generate an HTML report.
Getting invaluable insights into vulnerabilities has never been easier!
Conclusion
Congratulations! You’ve successfully installed Nessus on your Ubuntu 24.04 server and learned how to configure it for effective scanning. This hands-on approach not only empowers your self-hosting initiatives but also elevates your cybersecurity measures. Keep your systems secure and consider integrating other self-hosting tools for comprehensive management!
FAQ
Question 1: What is Nessus used for?
Nessus is a network vulnerability scanner that helps identify weaknesses in devices, applications, and operating systems, making it essential for vulnerability assessments and penetration testing.
Question 2: How can I troubleshoot plugin installation issues?
If plugins fail to install automatically, you can manually install them using the Nessus CLI by navigating to the appropriate directory and running the update command.
Question 3: Is self-hosting Nessus more secure than using the cloud version?
Yes, self-hosting Nessus allows for greater control over your data and security configurations, minimizing exposure to potential cybersecurity threats associated with third-party cloud solutions.