Deploying Nessus Vulnerability Scanner in Windows using Docker
Recently I have started using Nessus Essentials to scan the web applications that we develop for vulnerabilities. I have deployed Nessus Essentials as a Docker container on my work Windows system, and I would like to document how I installed this vulnerability scanner using Docker on Windows. This article can help someone in a similar situation who wants to use a vulnerability scanner to secure their web applications.
Docker Installation
For the vulnerability scanner to work seamlessly with this method, Docker must be installed on your Windows machine. Use this article from Docker to install it: Docker installation on Windows
Docker Desktop should be running without issues.
The Docker command line should be accessible from PowerShell.
Getting Activation Code
Tenable provides Nessus Essentials which is a free vulnerability scanner that provides an entry point for vulnerability assessment. You get the same powerful scanner enjoyed by Nessus Professional subscribers, with the ability to scan 16 IPs.
You need to get an activation code from Tenable before you deploy it into your Docker container. Go to this link (Get Activation Code) and click Register Now under the Nessus Essentials section.
On the following page, enter your first name, last name and email address.
You will receive an email from no-reply@tenable.com with an activation code. Keep it safe for later use. This is a one-time code. If you uninstall and then reinstall you will need to register the scanner again and receive another activation code.
Deploy Nessus as a Docker Image
You can deploy a managed Nessus scanner or an instance of Nessus Professional as a Docker image to run in a container. The base image is a CentOS 8 instance of Nessus. You can pass settings to the Nessus instance as environment variables so that the image configures itself automatically when it starts.
Tenable does not recommend deploying Nessus in a Docker container that shares a network interface controller (NIC) with another Docker container.
Access the Nessus Docker image from https://hub.docker.com/r/tenableofficial/nessus
To deploy Nessus as a docker image:
In Windows PowerShell, use the docker pull command to get the image:
```
$ docker pull tenableofficial/nessus
```
After the image has been downloaded successfully, use the docker run command to run your image.
Note: Tenable recommends you use environment variables to configure your instance of Nessus when you run the image. If you do not include environment variables such as an activation code, username, password, or linking key (if creating a managed Nessus scanner), you must configure those items later.
```
$ docker run --name "container name" -d -p 8834:8834 -e ACTIVATION_CODE=<activation code> -e USERNAME=<username> -e PASSWORD=<password> tenableofficial/nessus
```
I ran the Docker image without environment variables, using the command below. I configured the activation code and the username credentials later.
```
$ docker run --name "sarannessuslocal" -d -p 8834:8834 tenableofficial/nessus
```
Check that the Nessus Docker container is running using the docker ps command.
You can also verify this in the Docker Desktop app.
Nessus Essentials is now successfully deployed as a Docker container on your Windows machine.
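The pull, run and docker ps steps above, combined into one PowerShell script as an added example (this is not code from the original post or from Tenable). It prompts for the activation code and admin credentials at run time instead of putting them on the command line, passes them to the container as the environment variables the post lists, and then polls the web UI on port 8834 until it answers. The container name nessus-local is an assumption, and the HTTPS check assumes PowerShell 7 or later, where Invoke-WebRequest supports -SkipCertificateCheck (needed because Nessus ships with a self-signed certificate).

```powershell
# Added example, not from the original post: deploy Nessus Essentials with
# docker from PowerShell and wait for the web UI to come up.
$ContainerName = "nessus-local"            # assumed name; choose your own
$Image         = "tenableofficial/nessus"
$HostPort      = 8834

# Read secrets interactively so they do not land in shell history or a script file.
$ActivationCode = Read-Host -Prompt "Nessus activation code"
$AdminUser      = Read-Host -Prompt "Nessus admin username"
$AdminPassword  = Read-Host -Prompt "Nessus admin password" -AsSecureString
$PlainPassword  = [System.Net.NetworkCredential]::new("", $AdminPassword).Password

docker pull $Image
if ($LASTEXITCODE -ne 0) { throw "docker pull failed" }

# Remove a stale container with the same name, otherwise docker run fails.
$existing = docker ps -a --filter "name=$ContainerName" --format "{{.Names}}"
if ($existing -contains $ContainerName) {
    docker rm -f $ContainerName | Out-Null
}

# Same environment variables as in the post: ACTIVATION_CODE, USERNAME, PASSWORD.
docker run --name $ContainerName -d -p "${HostPort}:8834" `
    -e "ACTIVATION_CODE=$ActivationCode" `
    -e "USERNAME=$AdminUser" `
    -e "PASSWORD=$PlainPassword" `
    $Image
if ($LASTEXITCODE -ne 0) { throw "docker run failed" }

# The docker ps check from the post, narrowed to this container.
docker ps --filter "name=$ContainerName" --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}"

# Poll the UI for up to five minutes; the first start compiles plugins and can be slow.
$deadline = (Get-Date).AddMinutes(5)
$up = $false
do {
    try {
        $resp = Invoke-WebRequest -Uri "https://localhost:$HostPort/" -UseBasicParsing `
                                  -SkipCertificateCheck -TimeoutSec 5
        if ($resp.StatusCode -eq 200) { $up = $true }
    } catch {
        Start-Sleep -Seconds 10
    }
} while (-not $up -and (Get-Date) -lt $deadline)

if ($up) { Write-Host "Nessus UI is reachable at https://localhost:$HostPort/" }
else     { Write-Warning "Nessus UI did not answer in time; check 'docker logs $ContainerName'" }
```

Note that values passed with -e are stored in the container configuration and are visible to anyone who can run docker inspect on that host, so treat the admin password as something you would rotate after setup if the machine is shared.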
Using Nessus Essentials for the first time
To use the Nessus vulnerability scanner, visit https://127.0.0.1:8834/ or https://localhost:8834/ in your browser, or click Open in Browser in Docker Desktop.
Click Nessus Essentials and proceed.
You can skip the next part if you have already requested an activation code. I have requested one, so I am skipping the next screen.
Enter the activation code and click Continue.
Set a main admin username and password to access your Nessus Essentials.
The next screen takes a while, depending on your network speed and system performance: the plugins needed for network scans are downloaded from the Internet and installed for your use.
Offline Activation
If you are using a business laptop with VPN and firewall rules set up, activation through your local Nessus Docker installation will fail. In that case you need to use offline activation to activate your Nessus product.
Tick the Offline activation checkbox and click the Offline registration link on the page. Copy the challenge code.
Paste the copied challenge code and the activation code that you received into the Offline registration page.
Copy the license characters that are presented to you after activation.
Return to your Nessus Essentials page and paste the copied license key into the provided text box. Your product will be activated successfully.
If you used the offline activation method, there is a high chance that the Nessus plugins will not download successfully because of your organization's firewall and proxy configuration.
For the Nessus vulnerability scanner to work correctly inside your work system or PC, you need to whitelist these URLs on your work machine.
If you cannot change the firewall settings, disable the proxy or VPN configuration while you are performing the vulnerability scan.