How to Install Nessus Scanner on CentOS Stream 10 — Complete Step-by-Step Guide

Security scanning and vulnerability management are essential components of any organization’s cybersecurity strategy. Nessus, developed by Tenable, is one of the most popular and powerful vulnerability scanners available today. It helps IT administrators detect potential weaknesses, misconfigurations, and vulnerabilities before attackers exploit them.

In this tutorial, we’ll walk you through how to install and configure Nessus Scanner on CentOS Stream 10, from downloading the package to accessing the web interface and activating your license.

🔍 What Is Nessus?

Nessus is a widely used vulnerability assessment tool designed to identify security issues such as:

  • Missing patches
  • Misconfigurations
  • Open ports and weak passwords
  • Vulnerable software and outdated packages

It offers both Nessus Essentials (free for personal use) and Nessus Professional (commercial version for enterprises).

Key Features:

  • Over 75,000 plugins for vulnerability detection
  • Regular plugin updates
  • Easy-to-use web interface
  • Supports multiple OS environments
  • Integration with Tenable.io and Tenable.sc

⚙️ Prerequisites

Before you begin, ensure that your system meets the following requirements:

  • Operating System: CentOS Stream 10 (freshly installed)
  • User Access: Root or sudo privileges
  • Internet Connection: Required for downloading packages and plugin updates
  • Minimum Hardware:
      ◦ 4 GB RAM
      ◦ 2 vCPUs
      ◦ 10 GB free disk space

🧩 Step 1: Update Your System

It’s always recommended to update your CentOS system before installing any new application.

sudo dnf update -y

After the update completes, reboot your system if the kernel or core packages were upgraded:

sudo reboot

📦 Step 2: Download the Nessus Package

Visit the official Tenable download page to get the latest Nessus package for CentOS:

🔗 https://www.tenable.com/downloads/nessus

Alternatively, use the following command to download directly using wget:

cd /tmp
# Quote the URL: an unquoted & would end the command early and run wget in the background
wget -O nessus.rpm "https://downloads.nessus.org/nessus3dl.php?file=nessus-<version>-el10.x86_64.rpm&licence_accept=yes&t=1234567890"

(Replace <version> with the current Nessus release number.)
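
Before installing, confirm that the file on disk is the one Tenable published. The following is an added example, not part of the original guide or Tenable's tooling: it compares the RPM's SHA-256 with the checksum listed for the package on the download page and installs only on a match. The function names are hypothetical and the digest in the usage line is a placeholder.

```shell
#!/usr/bin/env bash
# Added example: verify a downloaded RPM against its published SHA-256
# before handing it to dnf. Function names are hypothetical.

# Return 0 if the file's SHA-256 equals the expected digest,
# 1 on mismatch, 2 if the inputs are unusable.
verify_sha256() {
    local file="$1" expected="$2" actual
    # Reject anything that is not 64 hex characters (e.g. an unfilled placeholder).
    if ! printf '%s' "$expected" | grep -Eq '^[0-9A-Fa-f]{64}$'; then
        echo "expected digest is not a 64-character hex string" >&2
        return 2
    fi
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }
    actual=$(sha256sum "$file" | awk '{print $1}')
    # Published digests are sometimes upper-case, so compare in lower-case.
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    if [ "$actual" = "$expected" ]; then
        return 0
    fi
    echo "SHA-256 mismatch for $file" >&2
    echo "  expected: $expected" >&2
    echo "  actual:   $actual" >&2
    return 1
}

# Install the package only when the digest matches.
install_if_verified() {
    local rpm_file="$1" expected="$2"
    verify_sha256 "$rpm_file" "$expected" || return $?
    sudo dnf install -y "$rpm_file"
}

# Usage (placeholder digest, replace with the value from the download page):
#   install_if_verified /tmp/nessus.rpm "<sha256-from-download-page>"
```

A mismatch usually means a truncated or wrong download; delete the file and fetch it again rather than installing it.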

🧱 Step 3: Install Nessus on CentOS Stream 10

Once downloaded, install the package using the dnf package manager:

sudo dnf install ./nessus.rpm -y

When the installation completes, verify that Nessus has been installed correctly:

# The RPM package name is case-sensitive and is registered as "Nessus"
rpm -qi Nessus

🚀 Step 4: Enable and Start Nessus Service

After installation, you must enable and start the Nessus service:

sudo systemctl enable nessusd.service
sudo systemctl start nessusd.service

You can check the service status with:

sudo systemctl status nessusd.service

If it’s running correctly, you should see an active (running) status.

🌐 Step 5: Access Nessus Web Interface

Once the service starts, open your browser and go to:

https://<your-server-ip>:8834/

For example:

https://192.168.1.100:8834/

⚠️ Note: Port 8834 is the default web interface port for Nessus. Make sure it’s open in your firewall.

If you’re using firewalld, allow the port:

sudo firewall-cmd --zone=public --add-port=8834/tcp --permanent
sudo firewall-cmd --reload

🧰 Step 6: Choose Your Nessus Edition

Once you access the web interface, you’ll be asked to choose your edition:

  • Nessus Essentials (Free) – Ideal for students or personal use (up to 16 IPs)
  • Nessus Professional (Paid) – For enterprise vulnerability scanning
  • Managed Scanner – Used with Tenable.io or Tenable.sc

Select your preferred version and proceed.

🪪 Step 7: Activate Your Nessus License

If you select Nessus Essentials, you’ll need to register for an activation code at:
🔗 https://www.tenable.com/products/nessus/nessus-essentials

Enter your name and email address; you’ll then receive an activation code by email.

Use that activation code on the web interface to activate your scanner.

⚙️ Step 8: Download Plugins and Build Database

After activation, Nessus will automatically start downloading the required plugins and building its database.
This process might take several minutes depending on your internet speed and system performance.

You can monitor progress from the web interface until it completes.

Once done, Nessus will redirect you to the login screen.

👤 Step 9: Create the Nessus Admin Account

When the plugin installation finishes, you’ll be prompted to create an admin account.

Enter:

  • Username: e.g. admin
  • Password: strong and secure password

After that, log in to the Nessus dashboard using your new credentials.

🧮 Step 10: Running Your First Vulnerability Scan

Once inside the Nessus web console:

  1. Click “New Scan”
  2. Choose a Scan Template (e.g. Basic Network Scan)
  3. Enter a Scan Name and Target IP Address
  4. Click Save, then Launch

Nessus will start scanning the target and display progress in real time.
After completion, you can view a detailed report listing detected vulnerabilities, severity levels, and remediation recommendations.

🔒 Step 11: Securing the Nessus Installation

For production use, follow these additional best practices:

  • Serve the web interface over HTTPS with a valid TLS certificate instead of the default self-signed one
  • Restrict web interface access to trusted IPs only
  • Regularly update Nessus plugins
  • Schedule automatic scans and reports
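
The rule added in Step 5 opens port 8834 to every address in the public zone. The following is an added example, not part of the original guide, that replaces it with a firewalld rich rule admitting a single management network; the function names are hypothetical and 192.168.1.0/24 is a constructed subnet chosen to match the example address used earlier.

```shell
#!/usr/bin/env bash
# Added example: limit the Nessus web UI (TCP 8834) to one admin network.
# 192.168.1.0/24 is a constructed value; use your own management subnet.

# Accept only dotted-quad IPv4 CIDRs with octets <= 255 and a prefix of 1-32.
# A /0 prefix is refused because it would admit every source again.
valid_ipv4_cidr() {
    printf '%s\n' "$1" | awk -F'[./]' '
        !/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+$/ { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i > 255) exit 1
          if ($5 < 1 || $5 > 32) exit 1 }'
}

# Print the firewalld rich rule that admits one source network to one TCP port.
build_rich_rule() {
    local cidr="$1" port="$2"
    valid_ipv4_cidr "$cidr" || { echo "invalid source network: $cidr" >&2; return 1; }
    printf 'rule family="ipv4" source address="%s" port port="%s" protocol="tcp" accept' \
        "$cidr" "$port"
}

# Replace the open-to-all port rule from Step 5 with the source-restricted rule.
restrict_nessus_ui() {
    local rule
    rule=$(build_rich_rule "$1" 8834) || return 1
    # Weak setting: 8834/tcp reachable from any address in the public zone.
    sudo firewall-cmd --zone=public --permanent --remove-port=8834/tcp
    # Corrected setting: only the given network may connect.
    sudo firewall-cmd --zone=public --permanent --add-rich-rule="$rule"
    sudo firewall-cmd --reload
    # Show the active rules so the change can be confirmed.
    sudo firewall-cmd --zone=public --list-rich-rules
}

# Usage: restrict_nessus_ui 192.168.1.0/24
```

Run it from a host inside the allowed network, then confirm from an address outside it that https://<your-server-ip>:8834/ no longer connects.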

You can also integrate Nessus with SIEM tools or Tenable.io for centralized monitoring and compliance reporting.

🧾 Conclusion

You’ve successfully installed and configured Nessus Scanner on CentOS Stream 10.
With Nessus running, you can now perform regular vulnerability scans, assess network risks, and proactively patch weaknesses before they become threats.

Whether you’re a system administrator, security analyst, or network engineer, Nessus provides an essential layer of visibility and protection for your infrastructure.
