From ArchWiki
Revision as of 06:30, 25 November 2010 by Thestinger (talk | contribs) (Usage)
Jump to: navigation, search

Nessus is a powerful vulnerability scanner with over 40000 plugins, covering local and remote flaws.


Download and extract the taurball:

$ wget
$ tar xvf nessus.tar.gz

Download the rpm from

  • 32-bit: Nessus-4.4.0-fc14.i386.rpm (12103 KB)
  • 64-bit: Nessus-4.4.0-fc14.x86_64.rpm (12092 KB)

Move the rpm into in the nessus directory.

$ cd nessus
$ mv ~/download/Nessus-4.4.0-fc14.x86_64.rpm .

Then, make (and install) the package:

$ makepkg -csi

Post-installation setup

Create an SSL certificate for the Nessus web interface:

# /opt/nessus/sbin/nessus-mkcert

Register your email at and wait for your key to be emailed to you. Then, download all the plugins from the feed with:

# /opt/nessus/bin/nessus-fetch --register <your key here>

Create a Nessus admin user (unrelated to *nix style users):

# /opt/nessus//sbin/nessus-adduser


Start the daemon just like any other:

# /etc/rc.d/nessus start

Access the web interface at https://localhost:8834 or use the commandline tool (/opt/nessus/bin/nessuscmd).


The package can be removed with pacman, but files created by nessus (such as the plugin database it downloads) must be removed manually:

# rm -r /opt/nessus