update-nessusrc
hack erk
nes_hck at yahoo.com
Tue Aug 10 15:57:55 EDT 2004
The script was hanging because of the server certificate... I fixed that.
As you suggested I added the option -f "_all_" option ...
./update-nessusrc -s -d -c "_all_" -f "_all_" -f !"Port Scanner" .nessusrc-config
But even with these options both update-nessusrc and nessus(when it runs using the config file generated by update-nessusrc) give the warning:
*** The plugins that have the ability to crash remote services or hosts
have been disabled. You should activate them if you want your security
audit to be complete
My main aim is to enable the plugins capable of crashin the host... How do I enable these plugins? (and the scanners are still enabled)
Thank you.
HKR
George Theall <theall at tifaware.com> wrote:On Tue, Aug 10, 2004 at 09:06:31AM -0700, hack erk wrote:
> I'm using the script update-nessusrc to configure my .nessusrc file. I
> find that the script is taking a lot of time...
update-nessusrc calls nessus to list the plugins available on a server,
which itself can take a while. How long depends on the load on the
server, the number of plugins available there, the amount of sunspot
activity, the speed of your network, and other factors I'm probably
forgetting about.
> I was not sure if that
> was fine ... I'm calling it using:
>
> update-nessusrc-2.11 -s -d -c "_all_" -f !"Port Scanner"
> .nessusrc-config
Perhaps the script is hanging because nessus doesn't recognize the
server's certificate. I added support for handling this in version 2.20
of update-nessusrc, and you appear to be using an older version. Still,
since you're running the script with the debug option, you should be
able to see whether or not it's hanging. Is it?
> Will that do the job of enabling all the tests but the scanners?
First, the family should be "Port scanners", not "Port Scanner".
Second, realize that commandline parameters override variables configured
in the script so you must explicitly enable all families (ie, "-f _all_")
in addition to excluding those in the "Port scanners" family.
Finally, the debug option, which you're using, should be telling you
exactly which plugin families and the like are being enabled. This will
occur after nessus returns the list of available plugins but before
update-nessusrc tells you whether it's enabling each available plugin.
> and
> typically how long does update-nessusrc take to generate the config
> file
See my first paragraph above.
George
--
theall at tifaware.com
> ATTACHMENT part 1.2 application/pgp-signature
_______________________________________________
Nessus mailing list
Nessus at list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.nessus.org/pipermail/nessus/attachments/20040810/ec7bbb01/attachment.html
More information about the Nessus
mailing list