Install & Configure Nessus on RHEL 8 - cfloquetprojects/homelab GitHub Wiki

Introduction

A staple of many enterprises today is the use of Red Hat Enterprise Linux (RHEL), with the latest iteration of this OS being RHEL 8, which we will be working with today.

I've already created a Red Hat Developer Account, which is not only free, but includes up to 16 different licenses for personal use, which is more than enough for us to get by in our lab environment.

Today we will be installing Nessus Essentials which is the free license (which scans up to 16 hosts) for an enterprise grade security vulnerability scanner.

Downloads for Nessus Essentials can be found here, and you will need to register for an activation code in order to get access to our .rpm file.

Pre-Flight Check

As a matter of principle, unfortunately RHEL does require us to authenticate to our developer account before being able to fetch supported packages or updates out of the box.

This can be easily done with the following commands, leveraging subscription-manager as root enter the following commands:

# subscription-manager register
*enter developer account credentials*
# subscription-manager attach --auto
# subscription-manager status

We will also need to ship both our .rpm file and it's associated SHA256 checksum for integrity checks. Ensure that you have both files in your dedicated Nessus users' home directory prior to moving on.

Installing Nessus Essentials:

We can confirm the integrity of our installation file by issuing the sha256sum command and comparing the returned value to the value available on Tenables' download site.

$ sha256sum Nessus-8.15.2-es8.x86_64.rpm

Now we are able to install Nessus Essentials from the .rpm file using localinstall:

$ sudo yum -y localinstall ./Nessus-8.15.2-es8.x86_64.rpm

Once the installation has finished, we should enable and start the nessusd service:

$ sudo systemctl enable nessusd
$ sudo systemctl start nessusd

The last bit of configuration is simply to add the nessus service to our existing firewall rules, which can be done using the following command:

$ sudo firewall-cmd --permanent --add-service=nessus

Our Nessus Essentials vulnerability scanner should now be reachable at https://IP_OF_NESSUS_HOST:8834