In this guide, we want to teach you to Set up Nessus Scanner on AlmaLinux 8.
Nessus is an open-source network vulnerability scanner that uses the Common Vulnerabilities and Exposures architecture for easy cross-linking between compliant security tools. In fact, Nessus is one of the many vulnerability scanners used during vulnerability assessments and penetration testing engagements, including malicious attacks. Nessus is a tool that checks computers to find vulnerabilities that hackers COULD exploit.
Nessus works by testing each port on a computer, determining what service it is running, and then testing this service to make sure there are no vulnerabilities in it that could be used by a hacker to carry out a malicious attack.
Steps To Set up Nessus Scanner on AlmaLinux 8
To complete this guide, you must log in to your server as a non-root user with sudo privileges and set up a basic firewall. To do this, you can follow our guide on Initial Server Setup with AlmaLinux 8.
Download Nessus for AlmaLinux 8
First, you need to update your local package index with the following command:
sudo dnf update -y
sudo curl --request GET \ --url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-10.5.1-es8.x86_64.rpm' \ --output 'Nessus-10.5.1-es8.x86_64.rpm'
Install Nessus on AlmaLinux 8
When your download is completed, run the following command to install the Nessus scanner on your server:
sudo rpm -ivh Nessus-10.5.1-es8.x86_64.rpm
Manage Nessus Scanner Service
At this point, you need to start and enable your Nessus service by using the following commands:
# sudo systemctl start nessusd # sudo systemctl enable nessusd
Verify your Nessus scanner is active and running on AlmaLinux 8:
sudo systemctl status nessusd
Output ● nessusd.service - The Nessus Vulnerability Scanner Loaded: loaded (/usr/lib/systemd/system/nessusd.service; enabled; vendor pre> Active: active (running) since Mon 2023-04-03 07:36:44 EDT; 14s ago Main PID: 48112 (nessus-service) Tasks: 13 (limit: 23668) Memory: 98.7M CGroup: /system.slice/nessusd.service ├─48112 /opt/nessus/sbin/nessus-service -q └─48113 nessusd -q ...
Configure Firewall For Nessus
Here we assumed that you have enabled firewalld. Now you need to allow Nessus port through the firewall. To do this, run the command below:
sudo firewall-cmd --zone=public --permanent --add-port 8834/tcp
Reload the firewall to apply the new rules:
sudo firewall-cmd --reload
Access Nessus Scanner Web Interface
At this point, you can access your Nessus web interface by typing your server’s IP address in your web browser followed by 8834:
You will see the Nessus Scanner welcome page. At this point, you need to choose how you want to deploy Nessus. Select a product to get started.
Here we choose Nessus Essentials – The free version for educators, students, and hobbyists.
Then, you need to enter your information to register and get an activation code from Nessus on AlmaLinux 8.
After that, you need to enter the Nessus activation code that you have received and click continue.
Next, you need to create a Nessus admin user on AlmaLinux 8 and click submit.
At this point, you need to wait while Nessus prepares the files to scan your assets. When it is completed, you will see your Nessus Dashboard.
Create First Scan with Nessus on AlmaLinux 8
At this point, we want to show you how to scan your AlmaLinux system for vulnerabilities via the Nessus web dashboard.
From your Nessus dashboard, click on My Scans and click Create a new scan.
Next, select the scan templates for your new scan. Here we use the template ‘Basic Network Scan‘.
At this point, you need to enter a name for your scan, the description, the folder for storing the scan, and the target server. Then, click Save to save the new scan.
From your ‘My Scan’ page, you will see the new scan that you just created. Click the start button to start the scan.
That’s it you are done.
At this point, you have learned to Set up the Nessus scanner on AlmaLinux 8.
Hope you enjoy it. You may be like these articles on the Orcacore website: