Installing and activating Nessus

Nessus is a vulnerability scanner developed by Tenable Network Security. It scans hosts and subnets for network-level and service-level vulnerabilities. Nessus is available free of charge with restricted features for non-business users. It consists of two main components: NessusD (Nessus Daemon), and a client application that can be hosted on the same machine. Nessus Daemon is responsible for performing the scan and delivering the result to the client application, providing these results in various formats. Tenable also develops incremental updates and detection mechanisms, called plugins, which can be downloaded and updated regularly. It also provides additional probing functionality of known vulnerabilities; for example, if an FTP port is found to be open, Nessus will automatically try to log in using the anonymous user. Nessus has both a command line and web interface, but we will be mostly looking into the GUI-based web interface, due to its ease of use.