How it works…
Once the user downloads and installs the executable file on the Windows operating system, the Nessus software can be accessed through a web interface on localhost at port 8834. To complete the installation, Nessus requires an activation code, which can be obtained by registering on the Tenable website and providing some of your details. Once the key arrives by email, enter the activation code according to your usage and click Continue to finish the installation by downloading plugins.
Whenever a new vulnerability is identified, Tenable creates programs and scripts to detect it. These scripts and programs are called plugins and are written in Nessus Attack Scripting Language (NASL). Plugins must be updated regularly so that a Nessus scan does not miss any recently uncovered vulnerability. A typical plugin consists of vulnerability-related information, such as a description, impact, and remediation, along with some vulnerability metrics, such as CVSS and CVE.
If the machine is connected to the internet and you are using the Nessus browser interface for installation, the plugins are downloaded automatically. You should see a plugin download screen once you have registered a license with Nessus. If you are installing Nessus offline, you will have to manually download the plugins from the custom-generated link once you have registered the license with Nessus. Download the plugins and extract the ZIP or TAR archive into the following directories, based on the operating system you are using:
- In Linux, install to the following directory:
# /opt/nessus/sbin/
- In FreeBSD, install to the following directory:
# /usr/local/nessus/sbin/
- In macOS, install to the following directory:
# /Library/Nessus/run/sbin/
- In Windows, install to the following directory:
C:\Program Files\Tenable\Nessus
Once you extract the package, you can use the following commands to install these plugins based on the operating system in use:
- In Linux, use the following command:
# /opt/nessus/sbin/nessuscli update <tar.gz filename>
- In FreeBSD, use the following command:
# /usr/local/nessus/sbin/nessuscli update <tar.gz filename>
- In macOS, use the following command:
# /Library/Nessus/run/sbin/nessuscli update <tar.gz filename>
- In Windows, use the following command:
C:\Program Files\Tenable\Nessus>nessuscli.exe update <tar.gz filename>
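
The update step above can be wrapped so that an unreadable archive or an unsupported system is caught before nessuscli runs. This is an added example, not code from the book or from Tenable; it covers the three Unix-like systems listed above, and the function names and the NESSUS_DRY_RUN variable are hypothetical.

```shell
#!/bin/sh
# Added example: wrapper around the offline plugin update step.
# The nessuscli paths are the ones listed above; the function names and
# the NESSUS_DRY_RUN variable are hypothetical.

# Map a kernel name (as printed by `uname -s`) to the nessuscli path.
nessuscli_path() {
    case "$1" in
        Linux)   echo "/opt/nessus/sbin/nessuscli" ;;
        FreeBSD) echo "/usr/local/nessus/sbin/nessuscli" ;;
        Darwin)  echo "/Library/Nessus/run/sbin/nessuscli" ;;
        *)       return 1 ;;
    esac
}

# Return 0 only if the file exists and lists cleanly as a gzip-compressed tar.
archive_ok() {
    [ -f "$1" ] && tar -tzf "$1" >/dev/null 2>&1
}

# Validate the inputs, then run the update (or print it when NESSUS_DRY_RUN=1).
# $1 = plugin archive, $2 = optional kernel name (defaults to `uname -s`).
update_plugins() {
    archive=$1
    os=${2:-$(uname -s)}
    cli=$(nessuscli_path "$os") || { echo "unsupported OS: $os" >&2; return 2; }
    archive_ok "$archive" || { echo "not a readable tar.gz: $archive" >&2; return 3; }
    if [ "${NESSUS_DRY_RUN:-0}" = "1" ]; then
        echo "$cli update $archive"
        return 0
    fi
    [ -x "$cli" ] || { echo "nessuscli not found at $cli" >&2; return 4; }
    "$cli" update "$archive"
}

# When called with an argument, treat it as the plugin archive to install.
if [ $# -gt 0 ]; then
    update_plugins "$@"
fi
```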