Security Scanning of Linux Server with Nessus
Nessus is a free and easy-to-use remote security scanner. A security scanner is a software which will audit a remote network and try to test whether hackers, or bad guys, may easily break into it.
Nessus security scanner is made up of two parts :
- a server, and
- a client
The server (nessusd) is actually in charge of the remote attacks, whereas the client is simply used to collect the results.
You can download the latest source of Nessus at:
Download Nessus Client:
Nessus Server (nessusd) Installation:
Let’s use the traditional way to install the Nessus Server.
1. Download the following latest distribution from the download site:
2. Log in as root or use ‘su -‘ command to switch to root to perform the compilation.
3. cd to the directory that the Nessus distribution were downloaded to.
4. Compile and install the distribution in the following order.
5. Install nessus-libraries
6. cd .. return to the directory the Nessus distribution download to.
7. Install libnasl
8. cd .. return to the directory that the Nessus distribution were downloaded to.
9. Install nessus-core
10. cd .. return to the directory that the Nessus distribution were downloaded to.
11. Install nessus-plugins
12. go to /etc/ld.so.conf file and open it.
13. Add a line “/usr/local/lib” in the /etc/ld.so.conf file. Save and close the file.
14. go to /sbin directory
15. type ldconfig to complete the execution.
Nessus Client Installation:
Let’s use a Windows application (NessusWX) as the Nessus client. NessusWX is a client program for Nessus security scanner which is designed specially for Windows platform.
The installation of NessusWX is very simple.
- Download the self-extracting nessusWX-x.x.x-install.exe file to your computer.
- Double-click the nessusWX-x.x.x-install.exe file
- Follow the screen instruction to complete the installation
Now, both server and client of Nessus were installed. The next step is to configure the Nessus Server (nessusd).