Nessus hoja de trucos
Overview
Nessus is a comprehensive vulnerabilidad assessment platform developed by Tenable that provides enterprise-grade security scanning capabilities for identifying, analyzing, and prioritizing security vulnerabilities across network infrastructure, aplicación webs, databases, and cloud environments. As one of the most widely deployed vulnerabilidad scanners in the cybersecurity industry, Nessus combines advanced scanning techniques with extensive vulnerabilidad intelligence to deliver accurate and actionable security assessments. The platform suppuertos both authenticated and unauthenticated scanning methodologies, enabling security teams to conduct thorough assessments of internal and external assets while minimizing false positives and providing detailed remediation guidance.
The Nessus architecture consists of multiple components including the Nessus Scanner engine, Nessus Manager for centralized management, and various client interfaces for configuración and repuertoing. The scanner engine utilizes a comprehensive plugin framework with over 100,000 vulnerabilidad checks covering operating systems, network servicios, aplicación webs, databases, and specialized industrial control systems. This extensive plugin library is continuously updated by Tenable's research team to address emerging threats and newly discovered vulnerabilities, ensuring that organizations maintain current visibility into their security posture. The platform's intelligent scanning capabilities include adaptive scanning techniques that adjust scan intensity based on objetivo responsiveness and network conditions.
Nessus provides advanced features for enterprise security programs including compliance auditing against industry standards such as PCI DSS, HIPAA, and CIS benchmarks, integration with vulnerabilidad management workflows, and comprehensive repuertoing capabilities for technical and executive audiences. The platform suppuertos distributed scanning architectures for large environments, API integration for automation and orchestration, and advanced configuración opcións for specialized scanning requirements. With its proven track record in enterprise environments and continuous innovation in vulnerabilidad detection techniques, Nessus remains a cornerstone tool for organizations implementing comprehensive vulnerabilidad management programs and maintaining robust security postures.
instalación
Nessus Professional instalación
Installing Nessus Professional on various platforms:
# Ubuntu/Debian instalación
# Download Nessus from Tenable website
wget https://www.tenable.com/downloads/api/v1/public/pages/nessus/downloads/[VERSION]/Nessus-[VERSION]-ubuntu1404_amd64.deb
# Install Nessus package
sudo dpkg -i Nessus-[VERSION]-ubuntu1404_amd64.deb
# Start Nessus servicio
sudo systemctl enable nessusd
sudo systemctl start nessusd
# Check servicio status
sudo systemctl status nessusd
# Access web interface
# Navigate to https://localhost:8834
# CentOS/RHEL instalación
# Download RPM package
wget https://www.tenable.com/downloads/api/v1/public/pages/nessus/downloads/[VERSION]/Nessus-[VERSION]-es7.x86_64.rpm
# Install package
sudo rpm -ivh Nessus-[VERSION]-es7.x86_64.rpm
# Start servicio
sudo systemctl enable nessusd
sudo systemctl start nessusd
# Configure firewall
sudo firewall-cmd --permanent --add-puerto=8834/tcp
sudo firewall-cmd --reload
# Windows instalación
# Download Windows installer from Tenable
# Run installer as Administrator
# Follow instalación wizard
# Access via https://localhost:8834
# macOS instalación
# Download macOS installer
# Mount DMG file
# Run installer package
# Start Nessus from Applications or comando line
sudo launchctl load /Library/Launchdemonios/com.tenablesecurity.nessusd.plist
Docker instalación
Running Nessus in Docker:
# Create Nessus Docker container
docker run -d --name nessus \
-p 8834:8834 \
-v nessus_data:/opt/nessus/var/nessus \
tenable/nessus:latest
# Check container status
docker ps|grep nessus
# View container logs
docker logs nessus
# Access web interface
# Navigate to https://localhost:8834
# Stop/Start container
docker stop nessus
docker start nessus
# Update Nessus in Docker
docker pull tenable/nessus:latest
docker stop nessus
docker rm nessus
# Run new container with same volume
Initial configuración
Setting up Nessus for first use:
# Create admin user (via web interface or CLI)
# Web interface: https://localhost:8834
# Follow setup wizard
# CLI user creation (if needed)
sudo /opt/nessus/sbin/nessuscli adduser admin
# Set user contraseña
sudo /opt/nessus/sbin/nessuscli chpasswd admin
# Check Nessus version
sudo /opt/nessus/sbin/nessuscli -v
# Update plugins
sudo /opt/nessus/sbin/nessuscli update
# Check plugin status
sudo /opt/nessus/sbin/nessuscli plugins list
# License activation (Professional/Enterprise)
sudo /opt/nessus/sbin/nessuscli fetch --register [ACTIVATION_CODE]
# Check license status
sudo /opt/nessus/sbin/nessuscli fetch --check
Basic uso
Web Interface Navigation
Using the Nessus web interface:
# Access Nessus web interface
https://localhost:8834
# Login with admin credenciales
# nombre de usuario: admin
# contraseña: [your_contraseña]
# Main navigation areas:
# - Scans: Create and manage vulnerabilidad scans
# - Policies: Configure scan templates and policies
# - Settings: System configuración and user management
# - Help: documentación and suppuerto resources
# Create new scan
# 1. Click "New Scan"
# 2. Select scan template
# 3. Configure scan settings
# 4. Add objetivos
# 5. Launch scan
# View scan results
# 1. Click on completed scan
# 2. Review vulnerabilidad summary
# 3. Drill down into specific findings
# 4. Expuerto repuertos as needed
Basic Scanning
Performing basic vulnerabilidad scans:
# Quick scan of single host
# objetivo: 192.168.1.100
# Template: Basic Network Scan
# Settings: Default
# Network range scan
# objetivo: 192.168.1.0/24
# Template: Advanced Scan
# Settings: Comprehensive
# aplicación web scan
# objetivo: https://webapp.ejemplo.com
# Template: aplicación web Tests
# Settings: Authenticated scan
# Database scan
# objetivo: 192.168.1.50:3306
# Template: Advanced Scan
# Settings: Database-specific checks
# Compliance scan
# objetivo: 192.168.1.0/24
# Template: Policy Compliance Auditing
# Settings: CIS benchmarks
Scan Templates
Common Nessus scan templates:
# Basic Network Scan
# - escaneo de puertos
# - servicio detection
# - Basic vulnerabilidad checks
# - Suitable for: Initial discovery
# Advanced Scan
# - Comprehensive vulnerabilidad assessment
# - All plugin families enabled
# - Detailed servicio enumeración
# - Suitable for: Thorough security assessment
# aplicación web Tests
# - Web vulnerabilidad scanning
# - OWASP Top 10 checks
# - autenticación testing
# - Suitable for: aplicación web security
# malware Scan
# - malware detection
# - puerta trasera identification
# - Suspicious file analysis
# - Suitable for: respuesta a incidentes
# Mobile Device Scan
# - Mobile device vulnerabilities
# - configuración assessment
# - App security analysis
# - Suitable for: Seguridad Móvil
# SCADA and ICS Scan
# - Industrial control systems
# - SCADA vulnerabilities
# - protocolo-specific checks
# - Suitable for: OT/ICS environments
Advanced Features
Authenticated Scanning
Configuring authenticated scans for deeper assessment:
# Windows autenticación
# credenciales tab in scan policy:
# - autenticación method: Windows
# - nombre de usuario: domain\nombre de usuario or nombre de usuario
# - contraseña: [contraseña]
# - Domain: [domain_name]
# SSH autenticación
# credenciales tab:
# - autenticación method: SSH
# - nombre de usuario: [ssh_nombre de usuario]
# - contraseña: [ssh_contraseña]
# - Or use SSH clave autenticación
# - Private clave: [path_to_private_clave]
# - Passphrase: [clave_passphrase]
# Database autenticación
# credenciales tab:
# - autenticación method: Database
# - Database type: MySQL/PostgreSQL/Oracle/MSSQL
# - nombre de usuario: [db_nombre de usuario]
# - contraseña: [db_contraseña]
# - Database: [database_name]
# SNMP autenticación
# credenciales tab:
# - autenticación method: SNMP
# - Community string: [community]
# - SNMP version: v1/v2c/v3
# - For v3: nombre de usuario, auth/priv protocolos
# aplicación web autenticación
# credenciales tab:
# - autenticación method: HTTP
# - nombre de usuario: [web_nombre de usuario]
# - contraseña: [web_contraseña]
# - autenticación type: Basic/Digest/NTLM/Form
Custom Scan Policies
Creating custom scan policies:
# Create new policy
# 1. Navigate to Policies
# 2. Click "New Policy"
# 3. Select base template
# 4. Configure settings
# General Settings
# - Name: Custom Security Assessment
# - Descripción: Comprehensive scan for production systems
# - Folder: [organization_folder]
# Discovery Settings
# - puerto scan range: 1-65535
# - puerto scan type: SYN scan
# - Network ping: ICMP/TCP/ARP
# - servicio detection: Enabled
# Assessment Settings
# - General: All vulnerabilidad checks
# - fuerza bruta: Disabled (for production)
# - aplicación webs: Enabled
# - Windows: Enabled with credenciales
# - UNIX: Enabled with credenciales
# Repuerto Settings
# - Format: HTML/PDF/CSV
# - Include: Executive summary, technical details
# - Exclude: Information-level findings (opciónal)
# Advanced Settings
# - Max hosts per scan: 100
# - Max checks per host: Unlimited
# - Network timeout: 5 minutes
# - Max scan time: 24 hours
Plugin Management
Managing Nessus plugins:
# Update plugins via CLI
sudo /opt/nessus/sbin/nessuscli update
# Check plugin feed status
sudo /opt/nessus/sbin/nessuscli plugins list|head -20
# Plugin families
# - puerta traseras
# - fuerza bruta attacks
# - CISCO
# - Databases
# - Denial of servicio
# - FTP
# - Firewalls
# - General
# - Gain a shell remotely
# - malware
# - Misconfiguración
# - Netware
# - Peer-To-Peer File Sharing
# - Policy Compliance
# - puerto scanners
# - SCADA
# - SMTP problems
# - SNMP
# - servicio detection
# - Settings
# - Web Servers
# - Windows
# Enable/disable plugin families in policy
# 1. Edit scan policy
# 2. Navigate to Plugins tab
# 3. Select/deselect plugin families
# 4. Configure individual plugins if needed
# Custom plugin configuración
# 1. Expand plugin family
# 2. Configure individual plugins
# 3. Set plugin preferencias
# 4. Save policy
Compliance Scanning
Performing compliance audits:
# CIS Benchmarks
# Policy template: Policy Compliance Auditing
# Compliance tab:
# - Select CIS benchmark
# - Choose operating system
# - Configure audit file
# PCI DSS Compliance
# Policy template: PCI DSS Audit
# Settings:
# - Network segmentation checks
# - cifrado verification
# - Control de Acceso assessment
# - vulnerabilidad management
# NIST Cybersecurity Framework
# Policy template: NIST CSF
# Categories:
# - Identify
# - Protect
# - Detect
# - Respond
# - Recover
# HIPAA Compliance
# Policy template: HIPAA Audit
# Focus areas:
# - Control de Accesos
# - Audit controls
# - Integrity
# - Person or entity autenticación
# - Transmission security
# SOX Compliance
# Policy template: SOX Audit
# Controls:
# - IT general controls
# - Application controls
# - Database security
# - Change management
# Custom compliance audit
# 1. Create new policy
# 2. Select compliance template
# 3. Upload custom audit file
# 4. Configure scan settings
# 5. Run compliance scan
Automation Scripts
Automated Scanning Script
#!/usr/bin/env python3
# Nessus automated scanning and repuertoing
impuerto requests
impuerto json
impuerto time
impuerto urllib3
impuerto logging
from datetime impuerto datetime
impuerto argparse
# Disable SSL warnings
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
class NessusAutomation:
def __init__(self, server_url, nombre de usuario, contraseña):
self.server_url = server_url.rstrip('/')
self.nombre de usuario = nombre de usuario
self.contraseña = contraseña
self.token = None
self.sesión = requests.sesión()
self.sesión.verify = False
self.setup_logging()
self.authenticate()
def setup_logging(self):
logging.basicConfig(
level=logging.INFO,
format='%(asctime)s - %(levelname)s - %(message)s',
handlers=[
logging.FileHandler('/var/log/nessus_automation.log'),
logging.StreamHandler()
]
)
self.logger = logging.getLogger(__name__)
def authenticate(self):
"""Authenticate with Nessus server"""
auth_data = \\\\{
'nombre de usuario': self.nombre de usuario,
'contraseña': self.contraseña
\\\\}
try:
response = self.sesión.post(
f"\\\\{self.server_url\\\\}/sesión",
json=auth_data,
timeout=30
)
if response.status_code == 200:
self.token = response.json()['token']
self.sesión.headers.update(\\\\{'X-Cookie': f'token=\\\\{self.token\\\\}'\\\\})
self.logger.info("Successfully authenticated with Nessus")
else:
raise Exception(f"autenticación failed: \\\\{response.status_code\\\\}")
except Exception as e:
self.logger.error(f"autenticación error: \\\\{e\\\\}")
raise
def get_scan_templates(self):
"""Get available scan templates"""
try:
response = self.sesión.get(f"\\\\{self.server_url\\\\}/editor/scan/templates")
if response.status_code == 200:
templates = response.json()['templates']
self.logger.info(f"Found \\\\{len(templates)\\\\} scan templates")
return templates
else:
raise Exception(f"Failed to get templates: \\\\{response.status_code\\\\}")
except Exception as e:
self.logger.error(f"Error getting templates: \\\\{e\\\\}")
return []
def create_scan(self, name, objetivos, template_uuid, policy_id=None):
"""Create a new scan"""
scan_data = \\\\{
'uuid': template_uuid,
'settings': \\\\{
'name': name,
'text_objetivos': objetivos,
'Descripción': f'Automated scan created on \\\\{datetime.now().isoformat()\\\\}'
\\\\}
\\\\}
if policy_id:
scan_data['settings']['policy_id'] = policy_id
try:
response = self.sesión.post(
f"\\\\{self.server_url\\\\}/scans",
json=scan_data
)
if response.status_code == 200:
scan_id = response.json()['scan']['id']
self.logger.info(f"Created scan '\\\\{name\\\\}' with ID: \\\\{scan_id\\\\}")
return scan_id
else:
raise Exception(f"Failed to create scan: \\\\{response.status_code\\\\}")
except Exception as e:
self.logger.error(f"Error creating scan: \\\\{e\\\\}")
return None
def launch_scan(self, scan_id):
"""Launch a scan"""
try:
response = self.sesión.post(f"\\\\{self.server_url\\\\}/scans/\\\\{scan_id\\\\}/launch")
if response.status_code == 200:
self.logger.info(f"Launched scan ID: \\\\{scan_id\\\\}")
return True
else:
raise Exception(f"Failed to launch scan: \\\\{response.status_code\\\\}")
except Exception as e:
self.logger.error(f"Error launching scan: \\\\{e\\\\}")
return False
def get_scan_status(self, scan_id):
"""Get scan status"""
try:
response = self.sesión.get(f"\\\\{self.server_url\\\\}/scans/\\\\{scan_id\\\\}")
if response.status_code == 200:
scan_info = response.json()['info']
status = scan_info['status']
return status
else:
raise Exception(f"Failed to get scan status: \\\\{response.status_code\\\\}")
except Exception as e:
self.logger.error(f"Error getting scan status: \\\\{e\\\\}")
return None
def wait_for_scan_completion(self, scan_id, max_wait_time=3600):
"""Wait for scan to complete"""
start_time = time.time()
while time.time() - start_time < max_wait_time:
status = self.get_scan_status(scan_id)
if status == 'completed':
self.logger.info(f"Scan \\\\{scan_id\\\\} completed successfully")
return True
elif status in ['canceled', 'aborted']:
self.logger.error(f"Scan \\\\{scan_id\\\\} was \\\\{status\\\\}")
return False
elif status == 'running':
self.logger.info(f"Scan \\\\{scan_id\\\\} is still running...")
time.sleep(60) # Check every minute
else:
self.logger.warning(f"Unknown scan status: \\\\{status\\\\}")
time.sleep(60)
self.logger.error(f"Scan \\\\{scan_id\\\\} did not complete within \\\\{max_wait_time\\\\} seconds")
return False
def expuerto_scan_repuerto(self, scan_id, format_type='html'):
"""Expuerto scan repuerto"""
expuerto_data = \\\\{
'format': format_type
\\\\}
try:
# Request expuerto
response = self.sesión.post(
f"\\\\{self.server_url\\\\}/scans/\\\\{scan_id\\\\}/expuerto",
json=expuerto_data
)
if response.status_code == 200:
file_id = response.json()['file']
self.logger.info(f"Expuerto requested for scan \\\\{scan_id\\\\}, file ID: \\\\{file_id\\\\}")
# Wait for expuerto to complete
while True:
status_response = self.sesión.get(
f"\\\\{self.server_url\\\\}/scans/\\\\{scan_id\\\\}/expuerto/\\\\{file_id\\\\}/status"
)
if status_response.status_code == 200:
expuerto_status = status_response.json()['status']
if expuerto_status == 'ready':
# Download the repuerto
download_response = self.sesión.get(
f"\\\\{self.server_url\\\\}/scans/\\\\{scan_id\\\\}/expuerto/\\\\{file_id\\\\}/download"
)
if download_response.status_code == 200:
filename = f"nessus_scan_\\\\{scan_id\\\\}_\\\\{datetime.now().strftime('%Y%m%d_%H%M%S')\\\\}.\\\\{format_type\\\\}"
with open(filename, 'wb') as f:
f.write(download_response.content)
self.logger.info(f"Repuerto downloaded: \\\\{filename\\\\}")
return filename
else:
raise Exception(f"Failed to download repuerto: \\\\{download_response.status_code\\\\}")
else:
self.logger.info(f"Expuerto status: \\\\{expuerto_status\\\\}")
time.sleep(10)
else:
raise Exception(f"Failed to check expuerto status: \\\\{status_response.status_code\\\\}")
else:
raise Exception(f"Failed to request expuerto: \\\\{response.status_code\\\\}")
except Exception as e:
self.logger.error(f"Error expuertoing repuerto: \\\\{e\\\\}")
return None
def get_scan_vulnerabilities(self, scan_id):
"""Get vulnerabilities from scan"""
try:
response = self.sesión.get(f"\\\\{self.server_url\\\\}/scans/\\\\{scan_id\\\\}")
if response.status_code == 200:
scan_data = response.json()
vulnerabilities = scan_data.get('vulnerabilities', [])
# Get detailed vulnerabilidad information
detailed_vulns = []
for vuln in vulnerabilities:
vuln_detail_response = self.sesión.get(
f"\\\\{self.server_url\\\\}/scans/\\\\{scan_id\\\\}/hosts/\\\\{vuln['host_id']\\\\}/plugins/\\\\{vuln['plugin_id']\\\\}"
)
if vuln_detail_response.status_code == 200:
detailed_vulns.append(vuln_detail_response.json())
return detailed_vulns
else:
raise Exception(f"Failed to get vulnerabilities: \\\\{response.status_code\\\\}")
except Exception as e:
self.logger.error(f"Error getting vulnerabilities: \\\\{e\\\\}")
return []
def create_automated_scan_workflow(self, objetivos, scan_name_prefix="Auto"):
"""Create and execute automated scan workflow"""
self.logger.info("Starting automated scan workflow")
# Get available templates
templates = self.get_scan_templates()
# Find Advanced Scan template
advanced_template = None
for template in templates:
if 'advanced' in template['name'].lower():
advanced_template = template
break
if not advanced_template:
self.logger.error("Advanced scan template not found")
return None
# Create scan
scan_name = f"\\\\{scan_name_prefix\\\\}_\\\\{datetime.now().strftime('%Y%m%d_%H%M%S')\\\\}"
scan_id = self.create_scan(
name=scan_name,
objetivos=objetivos,
template_uuid=advanced_template['uuid']
)
if not scan_id:
return None
# Launch scan
if not self.launch_scan(scan_id):
return None
# Wait for completion
if not self.wait_for_scan_completion(scan_id):
return None
# Expuerto repuertos
html_repuerto = self.expuerto_scan_repuerto(scan_id, 'html')
csv_repuerto = self.expuerto_scan_repuerto(scan_id, 'csv')
# Get vulnerabilidad data
vulnerabilities = self.get_scan_vulnerabilities(scan_id)
results = \\\\{
'scan_id': scan_id,
'scan_name': scan_name,
'html_repuerto': html_repuerto,
'csv_repuerto': csv_repuerto,
'vulnerabilidad_count': len(vulnerabilities),
'vulnerabilities': vulnerabilities
\\\\}
self.logger.info(f"Automated scan workflow completed for \\\\{objetivos\\\\}")
return results
def logout(self):
"""Logout from Nessus"""
try:
response = self.sesión.delete(f"\\\\{self.server_url\\\\}/sesión")
if response.status_code == 200:
self.logger.info("Successfully logged out from Nessus")
else:
self.logger.warning(f"Logout response: \\\\{response.status_code\\\\}")
except Exception as e:
self.logger.error(f"Error during logout: \\\\{e\\\\}")
# uso ejemplo
def main():
parser = argparse.ArgumentParser(Descripción='Nessus Automation Script')
parser.add_argument('--server', required=True, help='Nessus server URL')
parser.add_argument('--nombre de usuario', required=True, help='Nessus nombre de usuario')
parser.add_argument('--contraseña', required=True, help='Nessus contraseña')
parser.add_argument('--objetivos', required=True, help='Scan objetivos (comma-separated)')
parser.add_argument('--scan-name', default='Automated', help='Scan name prefix')
args = parser.parse_args()
try:
# Initialize Nessus automation
nessus = NessusAutomation(args.server, args.nombre de usuario, args.contraseña)
# Run automated scan workflow
results = nessus.create_automated_scan_workflow(
objetivos=args.objetivos,
scan_name_prefix=args.scan_name
)
if results:
print(f"Scan completed successfully:")
print(f" Scan ID: \\\\{results['scan_id']\\\\}")
print(f" Scan Name: \\\\{results['scan_name']\\\\}")
print(f" Vulnerabilities Found: \\\\{results['vulnerabilidad_count']\\\\}")
print(f" HTML Repuerto: \\\\{results['html_repuerto']\\\\}")
print(f" CSV Repuerto: \\\\{results['csv_repuerto']\\\\}")
else:
print("Scan workflow failed")
# Logout
nessus.logout()
except Exception as e:
print(f"Error: \\\\{e\\\\}")
if __name__ == "__main__":
main()
Integration ejemplos
SIEM Integration
#!/bin/bash
# Nessus SIEM integration script
# configuración
NESSUS_SERVER="https://nessus.company.com:8834"
NESSUS_USER="api_user"
NESSUS_PASS="api_contraseña"
SPLUNK_HEC_URL="https://splunk.company.com:8088/servicios/collector/event"
SPLUNK_token="your-hec-token"
# Function to send events to Splunk
send_to_splunk() \\\\{
local event_data="$1"
curl -k -X POST "$SPLUNK_HEC_URL" \
-H "autorización: Splunk $SPLUNK_token" \
-H "Content-Type: application/json" \
-d "$event_data"
\\\\}
# Function to proceso Nessus scan results
proceso_scan_results() \\\\{
local scan_id="$1"
# Expuerto scan results as JSON
python3 -c "
impuerto requests
impuerto json
impuerto urllib3
urllib3.disable_warnings()
sesión = requests.sesión()
sesión.verify = False
# Authenticate
auth_data = \\\\{'nombre de usuario': '$NESSUS_USER', 'contraseña': '$NESSUS_PASS'\\\\}
auth_response = sesión.post('$NESSUS_SERVER/sesión', json=auth_data)
token = auth_response.json()['token']
sesión.headers.update(\\\\{'X-Cookie': f'token=\\\\{token\\\\}'\\\\})
# Get scan results
scan_response = sesión.get('$NESSUS_SERVER/scans/$scan_id')
scan_data = scan_response.json()
# proceso vulnerabilities
for vuln in scan_data.get('vulnerabilities', []):
splunk_event = \\\\{
'time': scan_data['info']['timestamp'],
'source': 'nessus',
'sourcetype': 'nessus:vulnerabilidad',
'event': \\\\{
'scan_id': '$scan_id',
'plugin_id': vuln['plugin_id'],
'plugin_name': vuln['plugin_name'],
'severity': vuln['severity'],
'count': vuln['count'],
'vuln_index': vuln['vuln_index']
\\\\}
\\\\}
print(json.dumps(splunk_event))
"|while read -r event; do
send_to_splunk "$event"
done
\\\\}
# Main execution
if [ $# -ne 1 ]; then
echo "uso: $0 <scan_id>"
exit 1
fi
SCAN_ID="$1"
proceso_scan_results "$SCAN_ID"
solución de problemas
Common Issues
servicio Startup Issues:
# Check Nessus servicio status
sudo systemctl status nessusd
# Check Nessus logs
sudo tail -f /opt/nessus/var/nessus/logs/nessusd.messages
# Restart Nessus servicio
sudo systemctl restart nessusd
# Check puerto availability
sudo netstat -tlnp|grep 8834
sudo ss -tlnp|grep 8834
Web Interface Access Issues:
# Check firewall settings
sudo ufw status
sudo firewall-cmd --list-puertos
# Allow Nessus puerto
sudo ufw allow 8834/tcp
sudo firewall-cmd --permanent --add-puerto=8834/tcp
sudo firewall-cmd --reload
# Check SSL certificado
openssl s_client -connect localhost:8834 -servername localhost
# Reset admin contraseña
sudo /opt/nessus/sbin/nessuscli chpasswd admin
Plugin Update Issues:
# Manual plugin update
sudo /opt/nessus/sbin/nessuscli update
# Check plugin feed status
sudo /opt/nessus/sbin/nessuscli plugins list
# Reset plugin database
sudo systemctl stop nessusd
sudo rm -rf /opt/nessus/var/nessus/plugins/*
sudo systemctl start nessusd
sudo /opt/nessus/sbin/nessuscli update
Performance Optimization
Optimizing Nessus performance:
# Increase memory allocation
# Edit /opt/nessus/etc/nessus/nessusd.conf
# Add: max_hosts = 50
# Add: max_checks = 10
# Optimize scan settings
# - Reduce concurrent hosts per scan
# - Disable unnecessary plugin families
# - Use authenticated scanning when possible
# - Schedule scans during off-peak hours
# Database optimization
sudo /opt/nessus/sbin/nessuscli fix --reset-db
# Disk space management
# Clean old scan results
# Archive completed scans
# Monitor /opt/nessus/var/nessus/ uso
Security Considerations
Operational Security
Nessus Server Security: - Deploy Nessus on dedicated, hardened systems - Implement network segmentation for scanner placement - Use strong autenticación and Control de Accesos - Regular security updates and patch management - Monitor Nessus server for unauthorized access
Scan Data Protection: - Encrypt scan results and repuertos - Implement secure data retention policies - Control access to vulnerabilidad data - Secure transmission of scan results - Regular backup and recovery procedures
Compliance and Governance
Scanning autorización: - Obtain proper autorización before scanning - Document scanning scope and limitations - Implement change control for scan policies - Regular review of scanning procedures - Compliance with organizational policies