What is Nessus? Here's how Nessus describes itself, at http://www.nessus.org:
The 'Nessus' Project aims to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner. A security scanner is a software which will audit remotely a given network and determine whether bad guys (aka 'crackers') may break into it, or misuse it in some way.
I describe it this way: it's an essential security tool that you should have in your arsenal. It runs on Linux, Mac OS X, and Windows. It's free and open source.
Nessus runs both a server AND a client on the same machine: yours.
Here's how to install and run it.
Compile Nessus (as root, of course). Answer any questions it asks you. Defaults are usually fine.
Then add a user: you. Do this as root with the following command:
Note that the path may be different on a non-Linux system!
Then generate your security cert as root for Nessus:
Then start the Nessus daemon, again as root:
Then start Nessus as you (non-root):
The first tab has fields for the login & password you created above. Enter those and click the 'Log in' button.
Go to the Plugins tab & click the 'Enable all but dangerous plugins' button.
Go to the 'Target selection' tab & enter the IP address or DNS name of the machine/block/network you wish to scan. Check the 'Save this session' checkbox. Click 'Start the scan' and wait.
When it's done, review the report. Save it in a variety of formats. Follow its advice.