Tip

How to install and configure Nessus

If you've been around the information security profession for any length of time, you probably have at least a passing familiarity with the Nessus vulnerability scanner. In this, the first of a series of three Nessus tips, we'll provide an introduction to this popular security tool and offer the information necessary to install and configure an enterprise Nessus deployment.

Nessus is a member of the family of security tools known as vulnerability scanners. As the name implies, these products scan the network for potential security risks and provide detailed reporting that enables the remediation of gaps in an enterprise's security posture. These scans run using a client/server architecture and the installer allows one or both to be configured on an individual system.

Installing Nessus
Installing Nessus 3 is much easier than getting up and running with earlier versions of the product; it now uses a standard InstallShield installer. (Previous Linux/Unix only versions required users to manually download and execute an installation script.) Visit the

    Requires Free Membership to View

Nessus download page and walk through the registration process to obtain a copy of the installer. (Note: it is important to follow the registration process; registered users receive an activation code via e-mail that is required to use the product.)

 

 


See larger image

After downloading the installer, run it to begin the wizard-guided installation process. (Windows Vista users must right click on the file and choose "Run as administrator" to bypass User Account Control.) After accepting the terms of the license agreement, choose whether to install the Nessus Client and/or the Nessus Server. Choose the appropriate components for your installation. Those planning to build a typical stand-alone Nessus installation should install both components.

When the installation completes, Nessus will ask for a product registration code. If you provided your contact information before downloading Nessus, the code should be sitting in your email inbox. It's a 20-digit alphanumeric code that arrived in an email bearing the subject "Nessus Plugin Feed".

Updating Plugins
One last word of wisdom: the Nessus plugins (the scripts that provide the scanning functionality of Nessus) change frequently. Get updated plugins from the official site on a regular basis. After completing the Nessus installation wizard, you'll be asked if you'd like to update the plugins immediately. If you didn't choose this option or you wish to update the plugins at a later date, choose Tenable Network Security -> Nessus -> Plugin Update from the Windows Start menu. By default, Nessus will automatically update itself every 24 hours.

 

 


See larger image

Simply click the Update button to download and install the latest Nessus plugins. One important note: as of July 31, 2008, Nessus is free only for home users. Commercial users must purchase a $1,200 annual subscription to the Nessus "Professional Feed" from Tenable.

Our next tip will explore using Nessus to conduct vulnerability scans, and we'll wrap up the series with a look at deploying Nessus as part of an enterprise vulnerability scanning program.
 


   NESSUS TUTORIAL
  Introduction: What is Nessus?
  How to install and configure Nessus
  How to run a system scan
  Using Nessus Attack Scripting Language (NASL)
  Vulnerability scanning in the enterprise
  How to simplify security scans
  How to use Nessus with the SANS Top 20

 

ABOUT THE AUTHOR:

 
Mike Chapple, CISSP is an IT Security Professional with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Mike is a frequent contributor to SearchSecurity, a technical editor for Information Security magazine and the author of several information security titles including the CISSP Prep Guide andInformation Security Illuminated.
 


 

This was first published in June 2008

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.