{"id":2628,"date":"2021-12-30T18:48:33","date_gmt":"2021-12-30T18:48:33","guid":{"rendered":"https:\/\/dft.wiki\/?p=2628"},"modified":"2026-06-08T22:13:46","modified_gmt":"2026-06-09T02:13:46","slug":"deploying-and-configuring-tenable-core-nessus","status":"publish","type":"post","link":"https:\/\/dft.wiki\/?p=2628","title":{"rendered":"Deploying and Configuring Tenable Core + Nessus"},"content":{"rendered":"<p>Nessus is a well-known vulnerability assessment tool created by Tenable Inc. It is not open source, but it offers a free license called Essentials for educators, students, and individuals (not companies) starting their careers.<\/p>\n<p>Nessus Essentials is a powerful scanner that collects fingerprints, misconfigurations, and default passwords from targets, then automatically cross-checks them against a known vulnerability database to expose low-hanging fruit and potential investigation threads. Its reports should not be taken as absolute truth, but as a starting point.<\/p>\n<p>The free version has limitations, the most notable being a cap of 16 scanned IP addresses.<\/p>\n<p>The purpose of this post is to guide you through deploying a Linux Appliance virtual machine that comes with Nessus pre-installed.<\/p>\n<p>Tenable Core + Nessus is available for download in VMware and Hyper-V formats, or as an ISO image to boot and install on a bare-metal machine or hypervisor of your choice [<a href=\"https:\/\/docs.tenable.com\/tenablecore\/Nessus\/Content\/TenableCore\/DeployTC.htm\">Link<\/a>].<\/p>\n<p>Tenable Core is a heavily customized CentOS 7 operating system designed to run all Tenable products. It includes a web interface accessible at <strong>https:\/\/IP:8000\/<\/strong> using the default credentials <strong>wizard:admin<\/strong>. Through this interface, you can easily monitor instance resources, health, utilization, and more.<\/p>\n<p>After successfully deploying the new instance, navigate to <strong>https:\/\/IP:8834\/<\/strong> to complete the configuration and licensing process for Nessus. The license is free [<a href=\"https:\/\/www.tenable.com\/products\/nessus\/nessus-essentials\">Link<\/a>] and will be sent to your email address.<\/p>\n<p>Because of the nature of this application, it supports command line directives to perform its duties, enabling automation and integration with many other applications:<\/p>\n<p><strong>Syntax<\/strong><\/p>\n<ul>\n<li>\/opt\/nessus\/sbin\/nessuscli &lt;cmd&gt; &lt;arg1&gt; &lt;arg2&gt;<\/li>\n<li>\/opt\/nessus\/sbin\/nessuscli help<\/li>\n<li>\/opt\/nessus\/sbin\/nessuscli &lt;cmd&gt; help<\/li>\n<\/ul>\n<p><strong>Running as a service<\/strong><\/p>\n<ul>\n<li>\/sbin\/service nessusd start<\/li>\n<li>\/sbin\/service nessusd stop<\/li>\n<\/ul>\n<p><strong>Basic commands<\/strong><\/p>\n<ul>\n<li>nessuscli update<\/li>\n<li>nessuscli update &#8211;all<\/li>\n<li>nessuscli update &#8211;plugins-only<\/li>\n<li>nessuscli fetch &#8211;register &lt;activation code&gt;<\/li>\n<li>nessuscli fetch &#8211;security-center<\/li>\n<li>nessuscli fix &#8211;show<\/li>\n<li>nessuscli fix &#8211;list<\/li>\n<li>nessuscli fix &#8211;list-interfaces<\/li>\n<li>nessuscli fix &#8211;get max_hosts<\/li>\n<li>nessuscli fix &#8211;set max_hosts=200<\/li>\n<li>nessuscli fix &#8211;delete max_hosts<\/li>\n<li>nessuscli fix &#8211;secure &#8211;list<\/li>\n<li>nessuscli mkcert<\/li>\n<li>nessuscli mkcert-client<\/li>\n<li>nessuscli lsuser<\/li>\n<li>nessuscli adduser<\/li>\n<li>nessuscli chpasswd &lt;username&gt;<\/li>\n<li>nessuscli rmuser<\/li>\n<li>nessuscli bug-report-generator<\/li>\n<li>nessuscli bug-report-generator [&#8211;quiet] [&#8211;scrub] [&#8211;full]<\/li>\n<li>nessuscli agent status<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Nessus is a well-known vulnerability assessment tool created by Tenable Inc. It is not open [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-2628","post","type-post","status-publish","format-standard","hentry","category-general"],"_links":{"self":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/2628","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2628"}],"version-history":[{"count":3,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/2628\/revisions"}],"predecessor-version":[{"id":5699,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/2628\/revisions\/5699"}],"wp:attachment":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2628"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2628"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2628"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}