running Nessus on a dual homed system

Corio, Jim jim.corio at attws.com
Mon Aug 23 14:34:09 EDT 2004 

Thanks for your help... we got it covered.
 
Seems that the sleep deprivation experiment that I was undergoing at the
same time was affecting my understanding of the route command and I was
not getting the correct items included in the route. 
 
I have resolved both the sleep deprivation and the route issue and am
working with these systems now.
 
Jimmy
 
 
Jimmy Corio
Sr. Security Analyst (Vulnerability Mitigation)
Systems Security
AT&T Wireless
(425) 288-7723

	-----Original Message-----
	From: Harkaran Bedi [mailto:Harkaran.Bedi at Coalfiresystems.com] 
	Sent: Monday, August 23, 2004 9:21 AM
	To: jim.corio at attws.com
	Cc: jay at edgeos.com
	Subject: Re: running Nessus on a dual homed system
	
	

	Following up on Jay's reply, I think you still need to tell the
OS a default route to take. Lets say Nessus is installed & up & running,
and you want to scan a routable/public address - in that case you need
to add a default route to reach the destination network 

	 

	I have a redhat box in a similar dual-homed config, and I use
the following to add a default route:

	 

	route add default gw <eth_if_address>

	 

	where eth_if_address is the NIC you choose as your default.

	 

	(use the route command to see the dest. networks)

	 

	Let me know how it goes,

	 

	-Harkaran.

	 

	Message: 6

	Date: Fri, 20 Aug 2004 13:41:50 -0700 (MST)

	From: Jay Jacobson <jay at edgeos.com>

	Subject: Re: running Nessus on a dual homed system

	To: "Corio, Jim" <jim.corio at attws.com>

	Cc: nessus at list.nessus.org

	Message-ID:
<Pine.LNX.4.58.0408201338000.8820 at kinetic.edgeos.com>

	Content-Type: TEXT/PLAIN; charset=US-ASCII

	 

	On Fri, 20 Aug 2004, Corio, Jim wrote:

	 

	> I have an environment where I need to run Nessus as a dual
homed

	> solution.  Does anyone have any experience with this and can
offer any

	> guidance as to what is required to do so and what pitfalls may
be

	> encountered?

	 

	I may be missing some specific details of what you are trying to

	accomplish... but, from a basic perspective, it would be very
simple.

	Nessus will just use the local routing rable for determining
which

	interface to send out packets.

	 

	For example, if you have 192.168.0/24 routed to eth0 and
172.16.0/24

	routed to eth1, then the server's local routing table would
handle

	directing packets to either of those subnets. If you scan, for
example,

	172.16.0.55, the local routing table would ensure the packets
get directed

	to eth1. No special configurations in Nessus required at all.

	 

	~Jay

	 

	 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.nessus.org/pipermail/nessus/attachments/20040823/01faee91/attachment.html

More information about the Nessus mailing list