I installed Nessus 4.4 Homefeed on an Ubuntu 10.04 machine. I can run scans against Windows machines and get good data from the test. I've tried running scans against Linux machines but never find any high vulnerabilities. At first I thought it was a credential problem so I tried running scans against the localhost where Nessus is installed and get similar results (no high vulnerabilities). I've entered the correct root password in the SSH section to no avail.
I thought that maybe.. just maybe my Linux system was secure and up to date. So I installed a fresh copy of Ubuntu 8.04 in a VM then installed Nessus 4.4 in it. I created a new policy with all plugins enabled and tried with both blank credentials and root credentials but no high vulnerabilities are detected. I've tried this on several different Ubuntu systems and get the similar results (never any high vulnerabilities). I know this Ubuntu instance is vulnerable because the Ubuntu Update Manager tells me I'm missing 263 "Important Security Updates".
When I run the scans, I've tried using both my local eth0 IP address and "localhost" as the target. Am I missing something? Am I doing something wrong?