Re: using Nessus with mySQL

You may want to give Inprotect ( http://inprotect.no1.com.au/modules/news/ ) a look, it's a web based Nessus front end. You would probably be particularly interested in the nessus_run.pl script in the scanner directory.

I've never seen the script below, but my guess is that the targetfile is the file that lists the targets for the scan, the results file is the file that lists the results. There are a couple of ways to get these files, for example you can maually edit the target file and then run nessus from the comand line and tell it where to output the result file. The Nessus Knowledge base ( http://www.edgeos.com/nessuskb/ ) will help you figure out how to do this and what options to use. You may also want to look at the Nessus Network Auditing book published by Syngress. You can also manually edit a target file and have the Nessus gui use this file, then when it completes you can save the results to a known location. Now with both a target file and a results file the script should work.

Laters,
Dave King
http://www.thesecure.net


Jarien wrote:

I've found out that back 2 years ago, there's a question posted in this mailing list about "using nessus with mySQL via command line". There are a few replies which i wish to get some clarifications on.
On Aug 14, 2002 Nicolas A.S.-J. Mendoza replied with a perl script and a sql script (which i presume is written by himself). i don't really quite understand the part ..
/[nessusrun.pl]
#!/usr/bin/perl -w

use strict;
use DBI;

# Make sure to edit these variables so that they suit your needs

my $nessus_targetsfile = "~/securescan/targets"; # location of targetsfile
my $nessus_resultsfile = "~/securescan/results"; # location of resultsfile
my $nessus_exec = "/usr/local/bin/nessus"; # location of nessus binary
///
What does the targetfile and resultfile refer to?
Then,on the same date also, Kristofer T. Karas replied
/I used to have a huge shell script written in /bin/bash that would grep
through a directory of .NSR files and provide a nice searchable web
interface. But handling multiple scans on different dates for the same
host became too much of a bear. So I converted the whole lot to MySQL and PHP under Apache. If I had the cycles to spare to make the code a bit more public, I'd post it, as you could use it out of the box; maybe later in the year if I find those spare cycles.../
//

I wonder if i can have a look at the script.

Actually, i am trying to do some sort of data correlation between snort and nessus. However, i found out that output from both tools are different types and i have no idea how to compare those outputs, as in what type of information i should look for and etc.

However, if nessus output could be put into mysql, i guess that could help a lot. I'm not sure if there's any other available methods, but if anyone know, hope you can tell me. I've read about Nessus_SQL but i don't think i want to use that.

Thanx.

/
/
________________________________
Free POP3 Email from www.gawab.com <http://www.gawab.com>
Sign up NOW and get your account @gawab.com!!

------------------------------------------------------------------------

_______________________________________________
Nessus mailing list
Nessus_at_list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus





This archive was generated by a fusion of Pipermail 0.09 (Mailman edition) and MHonArc 2.6.8.