Security Operations

Nessus Essentials: Your First Vulnerability Scan

Joshua Clarke 1 May 2025 5 min read
Tags: Vulnerability Scanning, Nessus, Kali Linux

Learn to set up Nessus Essentials, a professional-grade vulnerability scanner, and perform your first scan on a vulnerable lab machine.


Want to get hands-on with one of cybersecurity's essential skills, vulnerability scanning, completely for free? This guide will show you how to set up Nessus Essentials, a professional-grade scanner, and use it to scan a real vulnerable machine from a repository like VulnHub. By the end of this project, you'll know how to run your own scans, spot real-world vulnerabilities, and start building your cybersecurity skills in a safe, legal lab environment.


Companion Video Overview

What You'll See (Video Highlights):

  • Step-by-step installation of Nessus Essentials on Kali Linux.
  • A live host discovery scan to find a vulnerable machine's IP address.
  • How to analyze and interpret scan results categorized by severity.

Environment Layout

We will be using Kali Linux as the host for Nessus, as it's a popular distribution for penetration testing and comes pre-loaded with many useful tools.

Step 1: Set Up the Kali Linux VM

  1. Navigate to the official Kali Linux website and download a pre-built virtual machine for VMware.

  2. Once the download is complete, extract the files and double-click the .vmx file to import it into VMware Workstation Pro.

  3. Power on the VM and log in with the default credentials: kali for both the username and password.

  4. Update the system by opening a terminal and running the following commands:

    sudo apt update
    sudo apt upgrade

Step 2: Set Up the Target VM

To perform a vulnerability scan, you need a target machine. We'll use a deliberately vulnerable VM from VulnHub.

  1. Download a vulnerable machine from VulnHub (e.g., "Vulnix").
  2. Extract the downloaded files and import the .vmx file into VMware Workstation Pro.
  3. Power on the VM so it is running on the same network as your Kali Linux machine.

Installing and Configuring Nessus Essentials

Nessus Essentials is a free, powerful vulnerability scanner developed by Tenable. It is limited to scanning up to 16 IP addresses, making it perfect for a home lab or educational use.

Step 3: Download Nessus Essentials

  1. Open the Firefox browser in Kali Linux and navigate to the Nessus download page on the Tenable website.
  2. Select the Linux-Debian-amd64 version to match the Kali operating system.
  3. Accept the terms and conditions and download the .deb package.

Step 4: Install Nessus

  1. Open a terminal in the directory where you downloaded the file.
  2. Install the package using the dpkg command with sudo:

    sudo dpkg -i Nessus-[version]-debian_amd64.deb

  3. Start the Nessus daemon service with sudo systemctl start nessusd.service.
  4. Once the service is running, navigate to https://[kali-linux-ip]:8834 in your browser to access the web UI.

Step 5: Configure Nessus and Download Plugins

Note: The Nessus installation process requires an activation code. You can register for a free Nessus Essentials account on the Tenable website to receive this code via email.

  1. Register for Nessus Essentials and provide your details to get an activation code.
  2. Create an admin account for the Nessus web interface.
  3. Wait for Nessus to download and compile all the necessary plugins and components. This process can take a significant amount of time, but is essential for an effective scan.

Performing and Analyzing Your First Scan

Step 6: Perform a Host Discovery Scan

Since you can't log in to the vulnerable machine to look up its IP address, you can use a Nessus host discovery scan to find it.

  1. From the Nessus UI, click New Scan and select Host Discovery.
  2. Enter the subnet of your lab network (e.g., 192.168.9.0/24) and launch the scan.
  3. Once the scan is complete, review the results to identify the IP of your vulnerable VM.

Step 7: Run a Basic Network Scan

  1. Click New Scan and choose Basic Network Scan.
  2. Enter the IP address of your target VM and give the scan a name.
  3. Save and launch the scan. You can monitor the results in real-time as the scan progresses.

Step 8: Review Scan Results

Once the scan is completed, Nessus will categorize the results by severity: Critical, High, Medium, Low, and Info.

  • Vulnerabilities Tab: This tab provides a detailed breakdown of all vulnerabilities found.
  • Vulnerability Details: Clicking on a specific vulnerability shows its description, severity, and sometimes even a proof of concept.

For example, an "NFS share information disclosure" vulnerability might reveal that the home directory of a user is exposed on the network.
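The severity review in Step 8 can also be done outside the web UI by exporting the scan in Nessus's .nessus (XML v2) format. The following is an added example, not code from this article or from Tenable: it parses such an export, prints the per-host breakdown by severity, and builds a most-severe-first worklist. The sample export is constructed; its plugin IDs, names and host address are placeholders, and the severity attribute (0 to 4) is mapped to the Info to Critical labels the UI uses.

```python
"""Summarise a Nessus .nessus (XML v2) export by host and severity."""
import xml.etree.ElementTree as ET
from collections import Counter

# .nessus ReportItem severity attribute 0-4 maps to the labels shown in the UI.
SEVERITY_LABELS = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}
SEVERITY_ORDER = ["Critical", "High", "Medium", "Low", "Info"]

# Constructed sample export; plugin IDs, names and host are illustrative only.
SAMPLE_NESSUS = """<?xml version="1.0" ?>
<NessusClientData_v2>
 <Report name="Basic Network Scan">
  <ReportHost name="192.168.9.131">
   <ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="100000" pluginName="OS Identification"/>
   <ReportItem port="2049" svc_name="rpc-nfs" protocol="tcp" severity="2" pluginID="100001" pluginName="NFS Share Information Disclosure">
    <plugin_output>/home/user is exported to everyone</plugin_output>
   </ReportItem>
   <ReportItem port="22" svc_name="ssh" protocol="tcp" severity="3" pluginID="100002" pluginName="Outdated SSH Server"/>
  </ReportHost>
 </Report>
</NessusClientData_v2>
"""

def parse_nessus(xml_text):
    """Return {host: [(severity_label, plugin_name, port, plugin_output), ...]}."""
    root = ET.fromstring(xml_text)
    findings = {}
    for host in root.iter("ReportHost"):
        items = []
        for item in host.iter("ReportItem"):
            sev = SEVERITY_LABELS[int(item.get("severity", "0"))]
            out = item.findtext("plugin_output", default="").strip()
            items.append((sev, item.get("pluginName"), item.get("port"), out))
        findings[host.get("name")] = items
    return findings

def severity_counts(findings):
    """Per-host Counter of severity labels, like the summary bar in the Nessus UI."""
    return {h: Counter(sev for sev, *_ in items) for h, items in findings.items()}

def triage_order(findings):
    """Flatten all findings, most severe first, as a review worklist."""
    rank = {label: i for i, label in enumerate(SEVERITY_ORDER)}
    rows = [(h, *f) for h, items in findings.items() for f in items]
    return sorted(rows, key=lambda r: rank[r[1]])

if __name__ == "__main__":
    found = parse_nessus(SAMPLE_NESSUS)
    for host, counts in severity_counts(found).items():
        print(host, {s: counts.get(s, 0) for s in SEVERITY_ORDER})
    for host, sev, name, port, out in triage_order(found):
        print(f"[{sev}] {host}:{port} {name} {out}")
```

Point parse_nessus at the contents of a real export (Export > Nessus in the scan view) to get the same breakdown for your own lab scan.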


Best Practices and Ethical Considerations

  • Scan Limit: Nessus Essentials has a limit of 16 IP addresses, which is perfect for home lab environments.
  • Ethical Use: Only scan machines you have explicitly set up for practice in your own lab or machines you have express permission to scan. Never point Nessus at machines you do not own.
  • Stay Updated: Ensure you keep both the Nessus software and its plugins updated to get the latest vulnerability data.

Key Takeaways

You have now successfully set up Nessus Essentials, a professional-grade vulnerability scanner, and performed your first vulnerability scan against a target VM from VulnHub. This process provides a strong foundation for learning how to identify and assess vulnerabilities in a safe, legal, and controlled environment.


Additional Resources


Found this guide helpful? Check out the accompanying YouTube video for a full, live walkthrough of the entire process.
