Friday, March 25, 2016

Manually Update Plugins on a Nessus Scanner (Linux)

I had an issue the other day with one of my Nessus Vulnerability Scanners which is being managed by Security Center. In Security Center the status of one of the Nessus scanners showed "Plugin Out of Sync". I tried to push the plugins to the Nessus scanner from the Security Center, but I was getting a status error of "Connection timed out".  So basically I was getting a latency issue on the connection. The Nessus scanner and the Security Center are in different states, so this may be why there is so much latency. I just built this Nessus scanner, so there were just too many plugins to be pushed over the wire by Security Center. To fix this issue, I just manually copied the plugins to the Nessus scanner. Then I manually loaded the plugins into the Nessus scanner. After I did this, I have not had this issue again.

Manually updating the Plugins can sometimes fix error or scanner status of "Protocol error". These instructions work on Nessus 5x and 6x, when managed by Security Center 4x or 5x.

Follow the instructions below to manually install plugins for the Nessus scanner on a Linux server. To do this on a Windows computer go here.

1. Login to the Nessus scanner.
root@earth> ssh nessus

2. Stop the Nessus service.
root@nessus> service nessusd stop

3. Remove the scanner from Security Center.

4. Reset the scanner
root@nessus> /opt/nessus/sbin/nessuscli fix --reset
Resetting Nessus configuration will permanently erase all your settings and causes Nessus to become unregistered.
Do you want to proceed? (y/n) [n]: y
Successfully reset Nessus configuration.

5. Connect the Nessus scanner.
root@nessus> /opt/nessus/sbin/nessuscli fetch --security-center
nessud can now be started, SeccrityCenter will upload the plugins

6. Manually copy over the plugins file.
    Copy the file tar.gz file from Security Center to or download latest plugins from Tenable.
Note - In Security Center The plugins are located here: /opt/sc/data/plugins

7. Load the plugins into Nessus.
root@nessus> /opt/nessus/sbin/nessuscli update plugins_file.tar.gz

* Update successful. The changes will be automatically processed by Nessus 

8. Start the Nessus service
root@nessus> service nessusd start

9. Login to the web interface for Nessus and wait for the bar to complete.
root@nessus> firefox https://localhost:8834

10. Login to the web interface for the Security Center. Add the Nessus scanner back and verify connectivity.

You're done.

If you have any questions or comments please post them below.

Related posts
Manually Update Plugins for your PVS
Reset Admin account on Security Center