Updating Plugins During A Scan

Rochford, Paul Paul.Rochford at itsis.ie
Wed Nov 10 11:05:02 EST 2004 

>From nessus-update-plugins:

# HUP nessusd
test -f ${prefix}/var/nessus/nessusd.pid && {
    pid=`cat ${prefix}/var/nessus/nessusd.pid`
    kill -1 $pid 2>/dev/null

I've very rarely had to kill nessusd and restart it after a plugins update.

Kind Rgds,
Paul Rochford




-----Original Message-----
From: nessus-bounces at list.nessus.org [mailto:nessus-bounces at list.nessus.org]
On Behalf Of Paul Johnston
Sent: 10 November 2004 15:48
Cc: nessus at list.nessus.org
Subject: Re: Updating Plugins During A Scan


Hi,

I am sure just sending Nessus a HUP is not quite enough for updating the 
plugins. I've updated the plugins, done a HUP, and had weird 
inconsistencies (and I'm not scanning; nessusd had no child processes). 
If I then fully stop and restart it's ok. This has happened repeatably 
with 2.0.7 (a little old I know).

Regards,

Paul



George Theall wrote:

>On Wed, Nov 10, 2004 at 05:01:42AM -0800, Pete Vingh wrote:
>
>  
>
>>The way that I see plugin updates work is like this:
>>
>>  - nessusd is waiting for a connection
>>  - nessus-update-plugins gets called
>>  - nessus-update-plugins kills/stops nessusd
>>  - plugins are updated
>>  - nessus-update-plugins starts nessusd
>>
>>Is that correct?
>>    
>>
>
>Somewhat.  nessus-update-plugins doesn't exactly kill / stop nessusd. 
>Rather, it sends it a HUP signal, which causes nessusd to reload itself,
>blocking client connections until it's finished. 
>
>In addition, nessusd forks to service each client connection.  Each
>child thread holds a a snapshot of the plugins that parent knew about
>when it was created and is is unaffected by the HUP signal sent by
>nessus-update-plugins. This means that a currently running scan will
>not know about plugins added once it starts.
>
>George
>  
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Nessus mailing list
>Nessus at list.nessus.org
>http://mail.nessus.org/mailman/listinfo/nessus
>

-- 
Paul Johnston
Internet Security Specialist
Westpoint Limited
Albion Wharf, 19 Albion Street,
Manchester, M1 5LN
England
Tel: +44 (0)161 237 1028
Fax: +44 (0)161 237 1031
email: paul at westpoint.ltd.uk
web: www.westpoint.ltd.uk

_______________________________________________
Nessus mailing list
Nessus at list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus


********************************************************************
This email and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to whom they   
are addressed. If you have received this email in error please 
notify us immediately at MailMonitor at itsis.ie and delete this E-mail 
from your system. Thank you.
It is possible for data transmitted by email to be deliberately or
accidentally corrupted or intercepted. For this reason, where the
communication is by email, the Bank of Ireland Group does not accept 
any responsibility for any breach of confidence which may arise 
through the use of this medium.
This footnote also confirms that this email message has been swept 
for the presence of known computer viruses.
********************************************************************
  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.nessus.org/pipermail/nessus/attachments/20041110/7a65bf2f/attachment.html

More information about the Nessus mailing list