Nessus is a vulnerability scanning and analysis software from tenable, a leading information security services company, known as “the world’s most popular vulnerability scanner, used by more than 75,000 organizations worldwide.” Although the scanner is available for free download, the cost of direct ordering is $ 1,200 per year, or $ 100 per month, to update from Tenable to all the latest threat information. Nessus is available on Linux, FreeBSD, Solaris, Mac OS X, and Windows.
Nessus is currently divided into four versions: Nessus Home, Nessus Professional, Nessus Manager, Nessus Cloud.

  • Nessus Home freeware for home users limited for scanning 16 hosts and for non-commercial home use only. It doesn’t support compliance checks (it is written on a site, but as fact it does) or content audits.
  • Nessus Professional can scan any amount of hosts without limitations. Ideal for the companies with low budgets or/and companies with enormous amount of host in network. Costs only $2,190.00. Extremely cheap comparing with other commercial vulnerability scanner.
  • Nessus Manager for small enterprises. It is positioned by Tenable as “Vulnerability management” solution. As I see it, some Tenable users could said “We use Nessus, we like it, but we want some more features: dashboards, integration with Active Directory and somehow to control nessus slave-scanner with nessus-master scanner. So, now we have more expansive Nessus Manager for such users. And we need to use it for multiscanner feature and the local agents. And it is licensed by Ip. In may 2016 Nessus Manager cost $2,920.00 for 128 Hosts/128 Agents and $4,745.00 for 256 Hosts/256 Agents. Upd. I wrote a separate post about Nessus Manager and agent scanning, so if you are interested plz check out: “Nessus Manager and Agents
  • Nessus Cloud – like Nessus Manager but hosted on Tenable servers (Service As A Service, SaaS). Cost is the same as Nessus Manager. In April 2016 Tenable added some more advanced dashboards and scanning management features in Nessus Cloud. Maybe they will add such features in Nessus Manager. Maybe not.

How to install Nessus

  1. Fill the tample at
    http://www.tenable.com/products/nessus-homescreenshot-from-2016-11-22-08-34-52
  2. Check your mail box to get your key
  3. Download Nessus at http://www.tenable.com/products/nessus/select-your-operating-system#downloadscreenshot-from-2016-11-22-08-37-43
  4. Installing Nessusddos@ddos ~/Desktop $ sudo dpkg -i Nessus-6.9.1-ubuntu1110_amd64.deb
  5. Start Nessus serviceddos@ddos ~/Desktop $ sudo /etc/init.d/nessusd start
  6. Go https://<host>:8834 to configure scanner

    screenshot-from-2016-11-22-08-49-34
    Nessus will download updates (mostly nasl plugins for scanning) and finish the installation.

    screenshot-from-2016-11-22-08-53-37

    screenshot-from-2016-11-22-09-00-51