Nessus Activation Code Installation

Thank you for registering your Nessus subscription! With Nessus 5.2, you can temporarily activate the product during the installation process. For ProfessionalFeed users, this will only serve as a short-term trial. You must activate your Activation Code for the Nessus Subscription from either your Tenable Support Portal account for the ProfessionalFeed or your HomeFeed registration email. You must subscribe to the ProfessionalFeed to use Nessus in a professional environment even if it is not directly for commercial purposes. This includes scanning your desktop at work or a home computer that is used for business purposes. Please review the Subscription Agreement for more details on the type of subscription for which you are qualified. Note that you can only use your Activation Code for one scanner, unless the scanners are managed by the SecurityCenter. As of Nessus 5, scanner activation is performed through a web interface during the installation process.

Note that, by default, Nessus will attempt to update its plugins every 24 hours after you have registered it. If you do not want such an update attempted, edit the auto_update setting to no under Configuration -> Advanced within the Nessus GUI.

Nessus without Internet Access

If your Nessus installation cannot reach the Internet directly, use the following procedure to register and update plugins: On the system running Nessus, type the following command: Platform Linux FreeBSD Mac OS X Windows Command to Run # /opt/nessus/bin/nessus-fetch -challenge # /usr/local/nessus/bin/nessus-fetch -challenge # /Library/Nessus/run/bin/nessus-fetch --challenge C:\Program Files\Tenable\Nessus>nessus-fetch --challenge

This will produce a string called challenge that looks similar to following: 569ccd9ac72ab3a62a3115a945ef8e710c0d73b8 Next, go to https://plugins.nessus.org/offline.php and paste the challenge string as well as the Activation Code that you received previously into the appropriate text boxes. This will produce a URL that will give you direct access to the Nessus plugin feed. Save this URL because you will use it every time you update your plugins. In addition, it will produce a file called nessus-fetch.rc. Copy this file to the host running Nessus in the appropriate directory: Platform Linux FreeBSD Mac OS X Windows Directory # /opt/nessus/etc/nessus/ # /usr/local/nessus/etc/nessus # /Library/Nessus/run/etc/nessus C:\Program Files\Tenable\Nessus\conf

Once the nessus-fetch.rc file has been copied, run the nessus-fetch command to install the file: Platform Linux FreeBSD Mac OS X Windows Directory # /opt/nessus/bin/nessus-fetch --register-offline /opt/nessus/etc/nessus/nessus-fetch.rc # /usr/local/nessus/bin/nessus-fetch --register-offline /usr/local/nessus/etc/nessus/nessus-fetch.rc # /Library/Nessus/run/bin/nessus-fetch --register-offline /Library/Nessus/run/etc/nessus/nessus-fetch.rc C:\Program Files\Tenable\Nessus>nessus-fetch.exe --register-offline "C:\Program Files\Tenable\Nessus\conf\nessus-fetch.rc"

You can obtain the newest plugins by going to the URL that was provided in the previous step. Here, you will receive a TAR file (e.g., all-2.0.tar.gz). Copy the file to the Nessus scanner system and then type the appropriate command for your platform: Platform Linux FreeBSD Mac OS X Windows Command # /opt/nessus/sbin/nessus-update-plugins all-2.0.tar.gz # /usr/local/nessus/sbin/nessus-update-plugins all-2.0.tar.gz # /Library/Nessus/run/sbin/nessus-update-plugins all-2.0.tar.gz C:\Program Files\Tenable\Nessus>nessus-update-plugins all-2.0.tar.gz

Resetting Activation Code

If for some reason you receive an error (such as Code in Use) regarding your Activation Code through the Nessus scanner (perhaps caused by a hardware crash, moving the scanner to a new host, software upgrade, or installation difficulties), you can reset your ProfessionalFeed Activation Code from your Tenable Support Portal account. If you are using a HomeFeed, you will have to register for and obtain a new activation code. To reset your code from your Tenable Support Portal account, go to Activation Codes, click on + to display the Activation Code, and then click on x under the reset column for the code you want to reset. Once your code has been reset, you will need to re-register your scanner to receive plugins. Please view the Nessus 5.2 Installation and Configuration Guide for more information. Read more about Tenable Support Portal features here.

Using Nessus with the SecurityCenter

If you are using Tenables SecurityCenter, the Activation Code and plugin updates are managed from SecurityCenter. Nessus needs to be configured appropriately to communicate with SecurityCenter. When performing the installation of the Nessus scanner, when prompted for the Plugin Feed Registration noted above, enter SecurityCenter as your Activation Code. Please refer to the SecurityCenter documentation for the configuration of a centralized plugin feed for multiple Nessus scanners.

If you have any questions, feel free to request help using email support from the Tenable Support Portal, post a question to the Nessus Discussion Forums, or review the Nessus documentation. Best Regards, The Tenable Network Security Team

About Tenable Network Security

Tenable Network Security, the leader in Unified Security Monitoring, is the source of the Nessus vulnerability scanner and the creator of enterprise-class, agentless solutions for the continuous monitoring of vulnerabilities, configuration weaknesses, data leakage, log management, and compromise detection to help ensure network security and FDCC, FISMA, SANS CAG, and PCI compliance. Tenables award-winning products are utilized by many Global 2000 organizations and Government agencies to proactively minimize network risk. For more information, please visit http://www.tenable.com/.

GLOBAL HEADQUARTERS

Tenable Network Security 7063 Columbia Gateway Drive Suite 100 Columbia, MD 21046 410.872.0555 www.tenable.com

Copyright 2013. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc.