Admin... by accident!

You may have chosen to be an admin. I didn't!

  • Home
  • FreeBSD
  • GNU/Linux
  • Security
  • Network
  • Virtualization
  • Politics
  • Github
  • Donate
  • Me

How to install Nessus 10 on FreeBSD 12

January 31, 2023 by Albert Valbuena

Nessus is a professional vulnerability scanner from the reputable cybersecurity company Tenable. I have already written about it in the past but installing it on a GNU/Linux distro. This very article will guide anyone to install Nessus 10 on FreeBSD, since Tenable is releasing binaries for FreeBSD 11 and 12 as of the time of writing. Of course, anyone can use a free version although lacking many of the professional features the fully fledge license has to offer. The issue can be “easily” solved by just having a big pocket.

Pre-requisites

  • A FreeBSD 12 system on its latest iteration. Link to download such iso.
  • The downloadable URL for the Nessus .txz file available.
  • An email to get the personal use and free cost license.

In the following steps we will download the .txz file from Tenable containing the address and instructions to download and install Nessus 10.3. After that we will get a free license for Nessus Essentials. Finally we will install Nessus using such file and later on we will configure it to be used via browser.

Step 1.- Download the Nessus .txz file from Tenable.

Grab your favorite browser and just visit the following link.

https://www.tenable.com/downloads/nessus?loginAttempted=true

Once the page has loaded just look for the FreeBSD entry. There are two at the time of writing. Grab the one that matches your FreeBSD version. I’m taking the version for FreeBSD 12.

Click on the downwards arrow to download the file.

A license agreement will be displayed. Read it. If you don’t agree there’s no need to follow reading this guide. If you agree to the terms just follow up.

Now we have the file we can move on to the next step and place it into the FreeBSD server we want to install Nessus in.

Step 2.- Upload the installation file into the FreeBSD system.

As silly as it sounds, since you may be very well versed with scp or Filezilla some people just don’t, we will need to upload this .txz file into the server we want to install Nessus in.

Filezilla is a GUI tool that is present in Windows, macOS, GNU/Linux distros and FreeBSD as well. It will help us copying the file from the workstation we’ve used to download the file into the server.

For anyone not knowing how to connect to a server using Filezilla I just recommend searching with your favorite internet search engine or use the following link. This other video link to a YouTube tutorial will may be of help.

In the image below you can see I have already copied the Nessus installation file from my workstation (pane on the left) to the BSD server I want to install the software in (pane on the right).

Now the Nessus-10.3.0-fbsd12-amd64.txz file is on the FreeBSD server we want to install Nessus in it’s time to login into the server and perform the install.

Step 3.- Install Nessus on FreeBSD 12

Now we have the install file on the server, the Nessus installation process in FreeBSD is pretty simple. Just type as follows with admin rights or as the root user.

albert@Nessus-BSD:~ $ sudo pkg install Nessus-10.3.0-fbsd12-amd64.txz

Updating FreeBSD repository catalogue...

FreeBSD repository is up to date.

All repositories are up to date.

Checking integrity... done (0 conflicting)

The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:

Nessus: 10.3.0

Number of packages to be installed: 1

The process will require 75 MiB more space.

Proceed with this action? [y/N]: y

[1/1] Installing Nessus-10.3.0...

Extracting Nessus-10.3.0: 100%

Unpacking Nessus Core Components...

- You can start nessusd by typing /usr/sbin/service nessusd start

- Then go to https://Nessus-BSD:8834/ to configure your scanner

albert@Nessus-BSD:~ $

We will add the nessusd service entry into the /etc/rc.conf file so every time this server is booted the Nessus service will be up and running.

albert@Nessus-BSD:~ $ sudo sysrc nessusd_enable="YES"

nessusd_enable:  -> YES

albert@Nessus-BSD:~ $

Check the servce status. It should not be running at this stage.

albert@Nessus-BSD:~ $ sudo service nessusd status

Nessus is not running

albert@Nessus-BSD:~ $

Fire it up now.

albert@Nessus-BSD:~ $ sudo service nessusd start

Starting Nessus...

albert@Nessus-BSD:~ $ Cached 0 plugin libs in 0msec

Cached 0 plugin libs in 0msec

sudo service nessusd status

Nessus is running

albert@Nessus-BSD:~ $

We double check it’s running by issuing this next command.

albert@Nessus-BSD:~ $ ps aux | grep nessusd

root   924 89.7  0.9 57588 38972  0  S    20:43   0:09.61 nessusd -q

albert 934  0.0  0.0   532   344  0  R+   20:43   0:00.00 grep nessusd

albert@Nessus-BSD:~ $

And indeed, the nessusd service is running as root with PID 924.

Now we have installed Nessus on FreeBSD it’s time to move on into configuring it. Before we do so though, we will get a free license first.

Step 4.- Get a free Nessus Essentials license.

This is a must to use Nessus and it has no cost. The license is limited to the capabilities offered by Tenable in the Nessus Essentials features offering. Limited to be used against 16 local IPs. Enough for training or small lab use.

To get the license for Nessus Essentials we need to fill a form on their website or use the dialog in the browser if we visit the URL formed by our server’s IP + port 8834. Mine is set to this:

https://172.21.146.237:8834

Your server’s IP will be different than this, but the default port as mentioned before is 8834.

Tip: Be very careful if you plan to expose this server into the wild internet when using a virtual machine on any hosting platform. As much as the connection is encrypted with TLS certificates, and the service is protected with username and password, there are chances of an unauthorized access to critical and most confidential information, such as vulnerabilities from your network or devices discovered by Nessus. Limit the access from specific IPs control or set up some complementary security measures to avoid unwanted access.

If you choose the Nessus URL, you will be asked for similar information, such as name, surname and email address.

Use this link below from Tenable to get the free activation code for the Nessus Essentials license.

https://www.tenable.com/products/nessus/activation-code

Once you’ve filled such information you will get an email to the address you’ve given Tenable a similar email as this below with your unique activation code.

 

With your activation code in your email inbox, it’s time to finish the Nessus install on FreeBSD and configure it via browser.

Step 5.- Install Nessus on FreeBSD via browser.

In this step we will finish up the Nessus installation process and add the activation code. This will allow Nessus to download and configure the necessary plugins for it to be fully operational.

Once Nessus Essentials has finished installing, we will be welcomed by a prompt as follows.

Now the install Nessus on FreeBSD process has finished it is time to test out the tool.

Step 6.- Test Nessus on FreeBSD. (Optional)

Testing the just installed tools it’s always fun and a good learning experience. If you already know Nessus and do not want to loose one of those limited 16 targets in the Nessus Essentials license, skip this step all together. If you have never used this tool it may be a good idea to keep reading.

There are some vulnerable sites on the internet set as dedicated targets to test security solutions and skills for cyber security individuals. One of those URLs is demo.testfire.net. You can use it as a testing target.

https://demo.testfire.net/

However, there is a caveat. Nessus will not be able to parse this URL as a target. Instead it will ask for an IP address. That’s simple to solve by using the host command as follows.

albert@Nessus-BSD:~ $ host demo.testfire.net

demo.testfire.net has address 65.61.137.117

albert@Nessus-BSD:~ $

We will then use the resolved IP as a target for our scan.

Note: Make sure you use the host command and resolve an IP address so the target you are scanning is a valid one and not someone else’s IP not intended for testing/demo purposes. You may get in trouble by not doing this properly.

Conclusion

Nessus is a great enterprise-grade vulnerability  scanner already featured here at adminbyaccident. It’s also nice they are providing installers for FreeBSD and I encourage anyone willing to scan their own assets to use the tool on FreeBSD. As you’ve seen it is very easy to install Nessus 10 on FreeBSD, so don’t hesitate.

Filed Under: FreeBSD, How To's, Security

Recent Posts

  • How to install Mate on FreeBSD 12/13
  • How to install Nessus 10 on FreeBSD 12
  • How to enable TLS traffic from the origin server on Cloudflare Argo Tunnel
  • How to use Cloudflare’s Argo Tunnel service to publish a website on FreeBSD 12/13
  • How to setup MariaDB master-slave replication on FreeBSD
  • How to upload a FreeBSD custom image on DigitalOcean
  • How to install Drupal 9 on FreeBSD 13.0
  • How to manage site visitors based on IP Geolocation
  • How to enable Geolocation in AWStats on FreeBSD 13.0
  • How to install AWStats on FreeBSD 13.0
  • How to configure Modsecurity 3 for WordPress on FreeBSD
  • How to configure Apache HTTP with a TLS reverse proxy backend on FreeBSD
  • How to detect a WAF – Web Application Firewall
  • How to install Matomo 4 on FreeBSD
  • How to test SSL/TLS configurations
  • How to configure Apache HTTP as a reverse proxy on FreeBSD
  • How to install Nextcloud on FreeBSD 12
  • How to install ModSecurity 3 on FreeBSD
  • How to replace a disk on a ZFS mirror pool
  • How to install Webmin on FreeBSD 12

Archives

  • February 2023
  • January 2023
  • December 2022
  • April 2022
  • March 2022
  • October 2021
  • September 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • September 2018
  • June 2018
  • May 2018
  • April 2018
  • February 2018
  • January 2018
  • November 2017
  • April 2017

RSS Admin… by accident!

  • How to install Mate on FreeBSD 12/13
  • How to install Nessus 10 on FreeBSD 12
  • How to enable TLS traffic from the origin server on Cloudflare Argo Tunnel
  • How to use Cloudflare’s Argo Tunnel service to publish a website on FreeBSD 12/13
  • How to setup MariaDB master-slave replication on FreeBSD
  • How to upload a FreeBSD custom image on DigitalOcean
  • How to install Drupal 9 on FreeBSD 13.0
  • How to manage site visitors based on IP Geolocation
  • How to enable Geolocation in AWStats on FreeBSD 13.0
  • How to install AWStats on FreeBSD 13.0

Copyright © 2023 · Magazine Pro Theme on Genesis Framework · WordPress · Log in