Nessus

From ArchWiki

Nessus is a proprietary vulnerability scanner available free of charge for personal use. There are over 40,000 plugins covering a large range of both local and remote flaws.

Installation

Install the nessus AUR package.

Post-installation setup

Register your email address at the Tenable site and wait for your key to be emailed to you.

Usage

The nessus AUR package provides a nessusd.service unit file; see systemd#Using units for details.

Access the web interface at https://localhost:8834 and/or use the command-line interface (/opt/nessus/sbin/nessuscli). In most browsers, you will need to manually accept the SSL certificate you created for the server.

License

Stop nessusd.service before doing anything with nessuscli.

Activate the license:

# nessuscli fetch --register <Activation Code>

View your current license activation code:

# nessuscli fetch --code-in-use

Plugins update

Stop the Nessus daemon before doing anything with nessuscli.

# systemctl stop nessusd.service

Update the plugins:

# nessuscli update --plugins-only

Removal

The package can be removed with pacman, but files created by Nessus, such as the plugin database it downloads, must be removed manually:

Note: This will delete your Nessus configuration files.
# rm -r /opt/nessus
