Manually updating the Plugins can sometimes fix error or scanner status of "Protocol error". These instructions work on Nessus 5x and 6x, when managed by Security Center 4x or 5x.
Follow the instructions below to manually install plugins for the Nessus scanner on a Linux server. To do this on a Windows computer go here.
1. Login to the Nessus scanner.
root@earth> ssh nessus
2. Stop the Nessus service.
root@nessus> service nessusd stop
3. Remove the scanner from Security Center.
4. Reset the scanner
root@nessus> /opt/nessus/sbin/nessuscli fix --reset
Resetting Nessus configuration will permanently erase all your settings and causes Nessus to become unregistered.
Do you want to proceed? (y/n) [n]: y
Successfully reset Nessus configuration.
Resetting Nessus configuration will permanently erase all your settings and causes Nessus to become unregistered.
Do you want to proceed? (y/n) [n]: y
Successfully reset Nessus configuration.
5. Connect the Nessus scanner.
root@nessus> /opt/nessus/sbin/nessuscli fetch --security-center
nessud can now be started, SeccrityCenter will upload the plugins
nessud can now be started, SeccrityCenter will upload the plugins
6. Manually copy over the plugins file.
Copy the file tar.gz file from Security Center to or download latest plugins from Tenable.
Note - In Security Center The plugins are located here: /opt/sc/data/plugins
7. Load the plugins into Nessus.
root@nessus> /opt/nessus/sbin/nessuscli update plugins_file.tar.gz
* Update successful. The changes will be automatically processed by Nessus
* Update successful. The changes will be automatically processed by Nessus
8. Start the Nessus service
root@nessus> service nessusd start
9. Login to the web interface for Nessus and wait for the bar to complete.
root@nessus> firefox https://localhost:8834
10. Login to the web interface for the Security Center. Add the Nessus scanner back and verify connectivity.
You're done.
If you have any questions or comments please post them below.
Related posts
Manually Update Plugins for your PVS
Reset Admin account on Security Center
I have same issue, I just ran the command /opt/nessus/sbin/nessuscli fix --reset
ReplyDeletethen my plugin started to update.
thnaks
The plugins update within nessus but show at "Plugins out of sync" within Security Center even after doing all of the steps above. Thoughts?
ReplyDeleteI Second this. Any additional information?
DeleteDid you get the plugins from Tenable or Security Center? If you got the latest plugins form Tenable the plugins now on the Nessus scanner may be newer than the plugins Security Center has. There is also the complication of their being 3 different types of plugins. The plugins for Nessus are called active plugins and the plugins for the PVS are called passive. There are also plugins for LCE.
ReplyDeleteI'm confused by step 6. . Manually copy over the plugins file.
ReplyDeleteCopy the file tar.gz file from Security Center to or download latest plugins from Tenable. Where do I copy the plugins to?
Hello Unknown,
ReplyDeleteIt doesn't matter where you copy the plugins to. As long as you point to that location in step 7 when you use the nessuscli update command.
I'm getting:
ReplyDeleteWARNING: Large stack size. Start nessusd through nessus-service or use ulimit(1)
Does the service simply take forever to stop, or do I need to somehow deal with this error before it will stop?