On Mon, Sep 20, 2004 at 04:43:17PM +0200, Davide Messana wrote:
Hallo everybody!
I played a little with Nessus 2.1.3 since I am very interested in the local
security checks feature.
I installed Nessus on a Linux Mandrake 10.0 machine, and used it to scan
another Mandrake 10.0 system.
After a few tests, I noticed that the ssh_get_info.nasl plugin wouldn't
work when netstat scanner was enabled. I investigated the matter a bit, and
I found that the problem seems to lie with the shared socket
secret/ssh/socket, which is not released by the netstat scanner plugin. If
I disable netstat scanner, ssh_get_info.nasl is able to acquire the shared
socket (but it too seems to forget to release it!).
Here's the relevant info taken from nessusd.messages:
with netstat scanner enabled:
...
[Mon Sep 20 15:40:32 2004][23672] launching netstat_portscan.nasl [23676]
[Mon Sep 20 15:40:32 2004][23672] shared_socket: Process 23676 creates a
socket - Secret/SSH/socket
[Mon Sep 20 15:40:33 2004][23672] netstat_portscan.nasl (process 23676)
finished its job in 0.609 seconds
[Mon Sep 20 15:40:33 2004][23672] shared_socket: Process 23676 forgot to
release a shared socket!
...
[Mon Sep 20 15:41:18 2004][23672] launching ssh_get_info.nasl [24075]
[Mon Sep 20 15:41:18 2004][23672] shared_socket: Secret/SSH/socket now
locked by 24075
The lack of socket release is not an issue (nessusd notices that the
socket has not been released, so it releases it by itself). I'll try to
reproduce your issue on another Linux box.
-- Renaud
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
