Nessus vulnerability scanner is a tool which can discover and analyze vulnerabilities in the system so that IT staff can fix that holes and hence the system becomes more secure. Before scanning the system, it is necessary to update Nessus’s plugins to make sure that it’s up-to-date and will able to detect the latest vulnerabilities. If you have a disconnected network from the Internet, you need to update the Nessus’s plugins manually.
This article will show you how to offline update Nessus 3.2.1’s plugins with free subscription on Windows. With free subscription, you can only get plugins that delayed 7 days. Otherwise, you need to purchase for the latest plugins. If you have disconnected network from the Internet, I think using free plugins would be sufficient.
Step-by-step to offline update Nessus
Register at Nessus for activation code
- Navigate to www.nessus.org. Click on ‘Plugins’.
- Click on ‘Obtain an activation code’.
- Scroll down to the bottom of the page, click ‘Register’ on the FREE subscription.
- Click ‘I accept’ to accept the agreement.
- Enter your e-mail address and click register. Nessus will send an activation code to this e-mail.
- Now e-mail has been sent with the activation code.
- Check your e-mail and you should see the activation code.
- To download the plugins, you need an activation code and challenge code. You already have an activation code. Now you need to find a challenge code.
- Install Nessus 3.2.1 to get a challenge code.
- When finishes the installation. Open Product Registration to see the challenge code. Open Start -> Programs -> Tenable Network Security -> Nessus -> Product Registration.
- On Product Registration, you’ll see the challenge code. This will be used with the activation code to download Nessus’s plugins.
- Navigate to plugins.nessus.org/offline.php. Copy the challenge code to the first line and the activation code that you received from an e-mail to the second line. Click submit.
Note: You can only use your activation code once. If you need to download again, you have to register again (you can use the same e-mail).
- Click on the link ‘http://….’ to download the plugins.
Extract and build plugins on Nessus 3.2.1
- Extract the downloaded file (.tar.gz) to C:\Program Files\Tenable\Nessus\plugins\scripts. You have to extract .tar.gz to .tar first and then extract the file again to that directory. It will ask to overwrite the existing files, select Yes to All.
Note: To extract the file, you can use tools like WinZip, WinRar, 7Zip, etc.
- Waiting until the extraction is finished.
- Once finishes, run this file C:\Program Files\Tenable\Nessus\build.exe by double-click the file.
- Waiting the program rebuilds plugins. When finishes, the window will disappear.
- Now Nessus is up-to-date and should be ready to scan the system.
This article is show how to update plugins on Nessus 3.x on Windows which was already documented at Nessus.org. But I want to summarize with illustration to make it simple and easy to follow guide.