When to contact vendor support
/opt/nessus/sbin/nessuscli --version
Historically, Nessus documentation and older scripts referenced the nessus-update-plugins command (or the GPL version nessus-update-plugins-gpl ) to fetch and install security checks. The "all-2.0.tar.gz" file is the tarball (compressed archive) containing the complete Nessus plugin set. download nessus-update-plugins all-2.0.tar.gz
To download all-2.0.tar.gz , you first need a from the offline Nessus machine and your activation key .
The "2.0" refers to the format version of the plugin package. The "2
You cannot download the current plugin archive via a direct, static URL. Tenable secures the download using a challenge-and-response system tied to your specific license. Follow these steps to generate the custom download link: 1. Obtain Your Challenge Code
If the offline portal rejects your submission, regenerate the code on your scanner. Challenge codes are highly time-sensitive and will expire if left unused for too long. Ensure no spaces are included when copying the text. 2. Archive Corrupted or Extraction Failure Follow these steps to generate the custom download link: 1
It replaces the standard online update stream ( nessuscli update ).
Historically, the nessus-update-plugins script used tools like lynx to retrieve the archive from http://www.nessus.org/nasl/all-2.0.tar.gz over (not HTTPS). Importantly, "The scripts are not signed so a cracker may poison your DNS server and force this script to retrieve scripts on another web server".
If you encounter this file in your environment, treat it with care: verify its origin, understand its contents, and test the update on a non-production Nessus scanner first.