Nessus Essentials Vulnerability Scanner Setup

Introduction

Nessus is the industry’s most widely-deployed vulnerability scanner. Nessus Essentials offers free vulnerability scanning for up to 16 IP addresses, making it the perfect entry point for security professionals and hobbyists. This guide walks you through installation, configuration, and running your first comprehensive vulnerability assessment.

What Is Nessus?

Nessus is a remote vulnerability scanner developed by Tenable. It probes systems for known vulnerabilities, misconfigurations, compliance gaps, and credential weaknesses. Unlike intrusive penetration testing, Nessus scanning is passive and designed to identify issues without disrupting services.

Nessus Essentials vs. Professional

Feature	Essentials	Professional
Max IPs per scan	16	Unlimited
Cost	Free (registration required)	$2,990/year
Plugin updates	Daily	Daily
Compliance checks	Basic	Advanced
API access	Limited	Full

System Requirements

Nessus Essentials requires:

• RAM: 2GB minimum (4GB+ recommended)
• Storage: 5GB available disk space
• Port: 8834 (HTTPS) by default
• Supported OS: Linux, Windows, macOS

Installation on Linux

Download Nessus

Visit nessus.tenable.com and select Nessus Essentials.

For Ubuntu/Debian:

wget https://www.nessus.com/nessus-latest.deb
sudo apt install ./nessus-latest.deb

For CentOS/RHEL:

sudo rpm --import https://www.nessus.com/corporate/tenable.pub
sudo yum install ./nessus-latest.rpm

Start Nessus Service

sudo /bin/systemctl start nessusd

Enable automatic startup:

sudo /bin/systemctl enable nessusd

Verify Installation

sudo /bin/systemctl status nessusd

Initial Configuration

Access the Web Interface

Open your browser and navigate to https://localhost:8834. You’ll see a security warning (self-signed certificate is normal for local installations).

Register Nessus Essentials

1. Select “Register for Nessus Essentials”
2. Create an account at nessus.tenable.com
3. Retrieve your activation code from your Nessus account
4. Enter the activation code in the web interface
5. Complete the registration wizard

Wait for Plugin Updates

Nessus downloads ~50,000 vulnerability plugins. This process takes 15-30 minutes depending on connection speed. Monitor progress in the interface.

Creating Your First Scan

Start a New Scan

Click “Create Scan” and select a scan template:

• Basic Network Scan: Lightweight scan for general vulnerability discovery
• Advanced Scan: Full scanning with credential testing
• Web Application Scan: Targets web servers and applications
• Malware Scan: Focused malware detection

Basic Network Scan Setup

1. Name your scan (e.g., “Home Lab Assessment”)
2. Add targets:
   • Single IP: 192.168.1.100
   • IP range: 192.168.1.0/24
   • Multiple targets: Comma-separated list
3. Select discovery settings:
   • Ping hosts before scanning
   • Port scan (Port scanning must be enabled)
4. Configure scan timing:
   • Aggressive (faster, louder)
   • Normal (balanced)
   • Thorough (slower, comprehensive)

Essential Settings

Authentication Tab (optional but recommended):

• Add SSH credentials for Linux systems
• Add SMB credentials for Windows systems
• Authenticated scans reveal more vulnerabilities

Plugins Tab:

• Enable/disable specific vulnerability categories
• Manage False Positive settings
• Configure plugin families

Advanced Settings:

• Scan Timeout: Default 5 hours (adjust for complex networks)
• Port Scan Range: Default 1-65535
• Performance: Adjust scanning speed and parallel processing
• Scope: Define scan behavior and depth

Running Your First Scan

Launch the Scan

1. Click “Save” to create your scan configuration
2. Click the blue play button next to your scan name
3. Monitor progress in real-time on the main dashboard

Understanding Scan Progress

• Hosts discovered: Network reconnaissance phase
• Scanning: Active vulnerability testing
• Consolidating results: Organizing findings

A typical 16-host scan takes 15-60 minutes depending on settings and target systems.

Interpreting Scan Results

Vulnerability Severity Levels

• Critical (Red): Immediate exploitation risk, patch immediately
• High (Orange): Serious vulnerabilities, prioritize patching
• Medium (Yellow): Notable risks, schedule remediation
• Low (Blue): Minor issues, address in regular maintenance
• Info (Gray): Informational findings, not security issues

Reading Individual Vulnerabilities

Click any vulnerability to reveal:

• Description: Technical details of the issue
• Solution: Recommended remediation steps
• Affected assets: Which hosts have the vulnerability
• CVSS score: Standardized severity metric
• References: Links to CVE details, vendor advisories

Common Findings

• Outdated software versions with known CVEs
• Open ports running unnecessary services
• Default credentials still enabled
• Missing security patches
• Weak SSL/TLS configurations
• Unneeded services running

Advanced Scanning Techniques

Credentialed Scanning

For deeper vulnerability assessment, add credentials:

SSH Credentials (Linux):

1. Settings → Credentials
2. Type: SSH
3. Add username and password (or private key)
4. Test connection

SMB Credentials (Windows):

1. Settings → Credentials
2. Type: Windows
3. Add domain, username, and password
4. Verify connectivity

Credentialed scans reveal:

• Patch status
• Local user accounts
• Installed software
• Configuration weaknesses
• Local privilege escalation vectors

Scheduled Scanning

Create recurring scans for continuous monitoring:

1. Create scan
2. Save but don’t launch
3. Click the three-dot menu → “Schedule”
4. Set frequency (daily, weekly, monthly)
5. Choose execution time during low-traffic periods

Exporting and Reporting

Generate Reports

After scan completion, click “Export”:

Report formats:

• PDF: Professional presentation format
• CSV: Data analysis in spreadsheets
• Nessus: Native format for re-import
• HTML: Web-viewable report

Custom Report Generation

1. Click the scan name
2. Select “Report” tab
3. Choose template (Executive Summary, Detailed Report)
4. Configure sections to include
5. Export in desired format

Best Practices for Nessus Scanning

Network Considerations

• Schedule scans during maintenance windows
• Inform network teams before scanning
• Start with low-risk targets
• Gradually increase scanning intensity as you build experience

Accuracy and False Positives

• Verify critical findings before escalation
• Check CVE details for applicability
• Note confirmed vs. potential issues
• Document false positives for future reference

Remediation Workflow

1. Triage: Sort by severity and exploitability
2. Verify: Confirm findings manually when critical
3. Remediate: Apply patches and configuration fixes
4. Re-scan: Verify successful remediation
5. Document: Track remediation progress

Troubleshooting Common Issues

Scan Won’t Start

sudo /bin/systemctl restart nessusd

Check logs for specific errors.

Plugin Download Stalled

• Verify internet connectivity
• Check firewall rules for outbound HTTPS
• Restart Nessus service
• Force plugin update: Settings → Software Update

High False Positive Rate

• Enable credentialed scanning for accuracy
• Update plugin set (Settings → Software Update)
• Adjust sensitivity settings in Advanced options
• Create scan-specific exceptions for known non-vulnerabilities

Conclusion

Nessus Essentials provides enterprise-grade vulnerability scanning at no cost, making it essential for anyone learning security assessment. By mastering installation, scan configuration, result interpretation, and remediation workflows, you’ll develop the practical skills required for professional vulnerability assessment roles. Start with simple network scans, progress to credentialed assessments, and build expertise in comprehensive vulnerability management.