Scan your Home Network using Nessus on Docker
In this blog post we'll look at how to install Nessus on Docker. By using Docker to containerize Nessus, we can easily deploy and manage this powerful vulnerability scanner across different environments.
Nessus Essentials is a free and simplified version of the Nessus vulnerability scanner. It provides a comprehensive vulnerability assessment and can help users to prioritize their security efforts and take action to address any vulnerabilities that are discovered. Nessus Essentials is designed for small businesses and individual users who want to scan their networks for vulnerabilities and identify potential security risks.
Before we move on, please check out our Introduction to Docker post here for the basic commands and guidance that we will be using in this guide.
We'll go through the step-by-step process, and also share some best practices for maintaining a secure Nessus environment. Plus, we'll highlight the benefits of using Docker for Nessus deployment.
Table of contents
- Installing Docker Desktop
- Downloading Nessus Image
- Get Nessus Activation Code
- Installing Nessus Image on Docker
- Accessing Nessus on Web GUI
Installing Docker Desktop
First, we need to download and install Docker Desktop, on which we will run our Docker images. Download from here
Once installed, open Docker Desktop. It should look similar to the image above.
Downloading Nessus Image
Now that we have Docker set up on our machine, we need to download Nessus from Docker Hub. Run the following command in the CLI to download the image.
docker pull tenableofficial/nessus:10.5.1
At the time of writing this guide, 10.5.1 is the latest version; however, Docker will download the latest version if no version is stated.
Get Nessus Activation Code
We need to get an activation code in order to use Nessus Essentials. This vulnerability scanner allows us to scan up to 16 IP addresses per scanner for free.
Register here to get a free activation code: https://www.tenable.com/products/nessus/nessus-essentials
An activation code will be sent to your e-mail address.
Installing Nessus Image on Docker
As we can see from the previous image, we have successfully downloaded the official Tenable Nessus image, version 10.5.1.
Copy and paste the activation code into ACTIVATION_CODE=<CODE> before running the following command.
docker run --name "nessus-ess" -d -p 8834:8834 -e ACTIVATION_CODE=<activation code goes here> -e USERNAME=admin -e PASSWORD=admin tenableofficial/nessus:10.5.1
We can confirm the container is active by running the docker ps command.
This installation takes 10-15 minutes, as the container has to download some additional plugins and installation files. We can check the logs by running docker logs <name of the container>; in our case, that would be docker logs nessus-ess
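A hardened variant of the docker run command above, as an added example that is not part of the original post: it publishes port 8834 on 127.0.0.1 only, replaces the admin/admin password with a random one, and passes the values through a mode-600 env file instead of the command line. The script name, the DOCKER override and the NESSUS_ACTIVATION_CODE variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example: hardened variant of the post's `docker run` line.
set -eu

IMAGE="tenableofficial/nessus:10.5.1"   # tag used in the post
NAME="nessus-ess"                       # container name used in the post
DOCKER="${DOCKER:-docker}"              # override (e.g. DOCKER=echo) for a dry run

# 24 random alphanumeric characters from the kernel CSPRNG.
gen_password() {
    LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 24
}

# Write the container's environment to a file only the owner can read.
# $1=path  $2=activation code  $3=username  $4=password
write_env_file() {
    (
        umask 077
        printf 'ACTIVATION_CODE=%s\nUSERNAME=%s\nPASSWORD=%s\n' \
            "$2" "$3" "$4" > "$1"
    )
    chmod 600 "$1"
}

# Start Nessus with the web UI published on loopback only.
# $1=env file path
start_nessus() {
    "$DOCKER" run --name "$NAME" -d \
        -p 127.0.0.1:8834:8834 \
        --env-file "$1" \
        "$IMAGE"
}

# Runs only when called as: sh nessus-start.sh start
# NESSUS_ACTIVATION_CODE is a hypothetical variable name chosen for this example.
if [ "${1:-}" = "start" ]; then
    : "${NESSUS_ACTIVATION_CODE:?set NESSUS_ACTIVATION_CODE to your code}"
    envfile=$(mktemp)
    trap 'rm -f "$envfile"' EXIT
    pw=$(gen_password)
    write_env_file "$envfile" "$NESSUS_ACTIVATION_CODE" admin "$pw"
    start_nessus "$envfile"
    printf 'Log in at https://localhost:8834 as admin / %s\n' "$pw"
fi
```

The values are still visible through docker inspect nessus-ess, so this keeps them out of shell history and the host process list, not away from other users of the Docker daemon.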
Accessing Nessus on Web GUI
After installation, we should be able to access Nessus at https://localhost:8834 as shown below. Click on proceed to localhost, as we just spun up this service.
Enter admin for username and password.
Enter the network we want to scan; usually it's 192.168.0.0/24. We can also specify an IP range, as shown below.
Since I'm using my phone's hotspot internet, I have added two of the devices within my hotspot network to scan.
We can see all potential vulnerabilities found on our device, and suggestions to mitigate them.
Nessus also provides other scan options that scan for particular malware and threats, as shown below.
In future posts, we will dive into the vulnerabilities found and how to mitigate them. If you encounter any issues while following this guide, feel free to leave a comment below.
I hope you find this guide useful😊