Kali Linux (or Kali) is a penetration testing distro created by the developers of BackTrack. Although it is a pentest distro, Kali does not include Nessus, so to use Nessus I have to install it manually.
For more info about Kali, you can refer to their website here: http://www.kali.org/
1. Download Nessus – Go to the Tenable website and download the Nessus software. Choose Linux, Debian 32-bit or Debian 64-bit.
2. Install Nessus – Once the download is finished, run this command to install Nessus. I’m using 64-bit, so my installation file is Nessus-x.x.x-debian6_amd64.deb, where ‘x’ is the version number.
dpkg -i Nessus-x.x.x-debian6_amd64.deb
3. Run Nessus service – Next, I start the Nessus service by typing this command in the Terminal.
/etc/init.d/nessusd start
4. Navigate to the Nessus page – Open Iceweasel (Kali’s default web browser) and go to this address: https://kali:8834. You must use an HTTPS connection.
5. Initial Account Setup – Next, I create an admin user for Nessus. This user will have full control over Nessus.
6. Register plugin feed – I need an Activation Code, which I can request from here: Obtain an Activation Code. I choose the “Nessus Home” option because I will use Nessus to play around with Metasploitable 2.
The Activation Code will be sent to my email. I just copy and paste the Activation Code into the field above.
7. Download the newest plugins – At this point, Nessus will start downloading the latest plugins from the Tenable server. It will take a while, so be patient.
8. Log in to Nessus – Now I can log in to Nessus using the username and password that I used during the registration process.
9. Done! – That’s it! Now I can use Nessus to conduct a vulnerability scan against the Metasploitable box.
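For steps 2 and 3, the package is installed as root, so it is worth checking the downloaded file against a SHA-256 checksum before running dpkg. The script below is an added example, not part of the original post; the function names are hypothetical, and it assumes you have copied the expected checksum from the vendor's download page.

```shell
#!/bin/sh
# Added example: verify a downloaded Nessus .deb against a published SHA-256
# before installing it as root. Nothing is installed unless the hash matches.

# Print the lowercase SHA-256 hex digest of a file.
sha256_of() {
    sha256sum -- "$1" | awk '{print $1}'
}

# Return 0 on match, 1 on mismatch, 2 on bad input (missing file, bad hash).
verify_pkg() {
    pkg=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$pkg" ] || { echo "missing file: $pkg" >&2; return 2; }
    # A SHA-256 digest is exactly 64 hex characters; reject anything else.
    case $expected in
        *[!0-9a-f]*|'') echo "expected hash is not hex" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "expected hash has wrong length" >&2; return 2; }
    actual=$(sha256_of "$pkg")
    if [ "$actual" != "$expected" ]; then
        echo "HASH MISMATCH for $pkg" >&2
        echo "  expected: $expected" >&2
        echo "  actual:   $actual" >&2
        return 1
    fi
    echo "OK: $pkg matches $expected"
}

# Install and start the service only after verification succeeds.
install_nessus() {
    verify_pkg "$1" "$2" || return $?
    dpkg -i "$1" && /etc/init.d/nessusd start
}

# Usage (replace the placeholder with the checksum from the download page):
#   install_nessus Nessus-x.x.x-debian6_amd64.deb <sha256-from-download-page>
```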
If you get stuck with errors, Kali has a community forum where you can ask for help. Feel free to drop by and say hi at the forum.
Happy pentesting!