Nessus - (Vulnerability Scanner)

  • Everyone knows what vulnerability scanners are. Everyone knows that this is the first tool that a hacker who needs to crack something will resort to. No not like this. To which an information security specialist has resorted to identify vulnerabilities in the system.

    But there are so many of these scanners that your eyes just run up, and you want to try everything in a row. And in this article I will talk about one of these Nessus scanners.

    Why exactly him?

    1 - This is the best vulnerability scanner under * nix.

    2 —Full compatibility with nmap (that is, Nessus and ports scans using nmap).

    3 - The presence of useful features, such as saving the scan results in the database and the possibility of subsequent use (for example, compare the results of yesterday’s scan and the scan a month ago) or saving and subsequent loading of the scan session, if you didn’t manage at one time.

    And finally, the scanner has so many settings that it can satisfy any “hacker”. Plus - the program is graphic.


    First you need the gtk + library (for Nessus’a 1. *. *, For the second version you already need gtk2.0).

    Next, install (if not) the OpenSSL package (

    Move on.

    From we take out the scanner itself and install it.

    make install

    or, if a folder with a similar name nessusinstall-sh appears in the folder, then sh nessusinstall-sh will help

    After a long installation, find the directory where the binaries of the scanner were put in. It was / usr / local / sbin /. Go there and become a root (su).

    Further commands:

    nessus-mkcert - this command will create a certificate for the share of server users (this scanner is a client-server program).

    nessus-adduser - add a user, here you specify the username and password

    nessusd - start the daemon (server itself)

    If everything is done correctly, now you can start the scanner from the user with the nessus command, specifying the login and password specified in nessus-adduser.

    After starting, you will see the main window open on the Nessusd host. Here you specify the address and port on which the nessusd daemon is running. For home use, it is localhost and 1241.

    When you connect with the demon, go through the windows and appreciate the power of this scanner. A bunch of plug-ins, settings, various types and methods of scanning, the number of nodes scanned simultaneously.

    In Target selection, specify the target. To begin, I advise you to scan yourself.

    Upon completion, Nessus will issue a detailed report on open ports and holes on those ports.

    In the window with Result, Subnet are scanned subnets, Host are nodes. Found vulnerabilities are traditionally divided into Low, Medium and High. You will immediately read about the essence of the vulnerability and methods for eliminating it.

  • This scanner perform very fast, i highly recommended

Log in to reply

Login in your account to Start Chat