Updating Nessus definitions (plugins) is important because it keeps Nessus able to identify all the latest vulnerabilities. To conduct a successful vulnerability scan, check for the latest plugins and update Nessus with them before scanning.
To update Nessus on a Windows machine, the following steps should be performed:
Nessus provides multiple feed options as follows:
Online plugin update is the most popular option for updating Nessus plugins and provides the ability to update the plugins through the Internet. This requires an Internet connection of fairly good speed on the Nessus machine. After Nessus registration and activation, plugins can be updated by clicking on the Update Plugins button.
Offline plugin update is used when plugins are archived in a local directory from where Nessus can take the feed and update. This doesn't need an Internet connection on the Nessus system. To set up an offline update, first get the Nessus subscription activation code, which can be retrieved from Nessus support or the registered e-mail ID used for Nessus feed registration.
The next step is to generate a challenge code, which is used along with the activation code to download plugins.
To generate the challenge code on a Windows Nessus machine, run the following command in the command-line tool:
\Program Files\Tenable\Nessus> nessus-fetch.exe --challenge
For a Linux Nessus machine, the command is slightly different; the following command should be run on a Linux terminal:
# /opt/nessus/bin/nessus-fetch --challenge
This will generate a long string of characters, which is called a challenge code. An example challenge code is 19c4ed603ac3e436a14239852c8fbf8f26f02d7b.
To continue downloading plugins offline, go to the Nessus plugins offline download page at https://plugins.nessus.org/offline.php. Once loaded, the page prompts for the challenge code and the activation code. Enter both.