Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Re: Nessus 2.0.12 on AIX (George Theall)

from [Neil Lewinski] Network Security [Permanent Link]
Subject: Re: Re: Nessus 2.0.12 on AIX (George Theall)
Date: Mon, 25 Oct 2004 16:44:50 -0400 
Message: 2
Date: Sun, 24 Oct 2004 20:19:46 -0400
From: George Theall <theall@tifaware.com>
Subject: Re: Nessus 2.0.12 on AIX
To: nessus@list.nessus.org
Message-ID: <20041025001946.GA14332@tifaware.com>
Content-Type: text/plain; charset="us-ascii"

On Tue, Oct 19, 2004 at 04:20:09PM -0400, Neil Lewinski wrote:

I have built Nessus 2.0.12 on AIX 5.2 ML04 using gcc 3.3.2,
and all seems to be well.


I don't have any experience with AIX; just have some questions:

o How exactly did you build it? nessus-installer.sh? Manually? Something
else? 

It was built manually, the nessus-installer.sh does not work on AIX.
I had to make some edits to gdchart.h to clear up some errors,
but otherwise it appears to build just fine manually.

o Does the AIX commandline client work for connecting to nessusd on your
linux box?

There are network topology issues (as well as pix issues) that make
connecting to the linux nessus-installer.sh-built nessusd essentially
a non-starter. If that linux server could get to all of the servers
it needed to without severe changes to network configurations and ACLs t
hat we do not control, I would not be trying to build this on this particular
AIX box. Essentially, we have ~75 servers that I need to probe and harden,
but they are segmented into several network pockets. This AIX box would be
probing about 25 of the 75.

The Nessus daemon, however,
does not open port 1241 for listening, and it does not
complain either.

o How are you starting it... "nessusd -D"? 

Yes.

o Are any errors recorded in the syslog? What about nessusd.messages (or
whatever logfile in nessusd.conf points to)? 

No errors are generated in the syslog when starting the daemon.

There is one line appended to nessusd.messages 2 minutes after startup:

  [Mon Oct 25 16:29:25 2004][27882] received the SEGV signal

o Does it stay active or exit? 

It stays active:

# ps -ef |grep nessusd |grep -v grep
    root 25350     1   0 16:27:06  pts/3  0:00 nessusd -D

o Was it configured to listen on a unix socket or a different port? 

No it was not, I am using essentially the default nessusd.conf.

o Can you run truss / syscalls to trace the execution of nessusd and
pinpoint the problem?

I'm not really a truss guy (sadly), although I did try it, and it does
offer a huge amount of feedback. If anyone can direct me to a way to just
look at ports being opened (or filter out all the plugins being opened)
I'd be glad to truss it again.

George
-- theall@tifaware.com


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: optimizing scan by OS, Renaud Deraison
Next by Date:  Re: Re: Nessus 2.0.12 on AIX (George Theall), George Theall
Previous by Thread:  optimizing scan by OS, Stuart Kendrick
Next by Thread:  Re: Re: Nessus 2.0.12 on AIX (George Theall), George Theall
Indexes:  [Date] [Thread] [Top] [All Lists]