Network Security Nessus-Users

user rules problem

Subject: user rules problem
Date: Wed, 17 Nov 2004 11:40:40 -0600
lo all,

i've installed the nessus-1.2.7 port on an openbsd 3.4 stable box and
successfully added a user with rules "default accept", but once i log in with a
client (nessuswx 1.4.4 from a winxp box on my network) on this user account, i
get a server error message about my not being allowed to scan the hosts i 
listed.

here are the outputs i get when i try to scan the desired hosts (all on my local
net; 10.0.0.0/16):

from nessuswx 1.4.4:

Connecting to server 10.0.1.1 (port 1241) using TLSv1 encrypted connection...
SSL connection using DES-CBC3-SHA
Using < NTP/1.2 >
Connection with the server [10.0.1.1] established.
1148 plugins loaded
142 preferences received
0 rules received
Scan started 17-Nov-2004 09:10:59
[SERVER ERROR] These hosts could not be tested because you are not allowed to do
so :;10.0.1.5;10.0.1.2;10.0.2.2;
Scan finished 00-<-0000 00:00:00

from /var/nessus/logs/nessusd.messages:

[Wed Nov 17 09:15:05 2004][1328] Redirecting debugging output to
/var/nessus/logs/nessusd.dump
[Wed Nov 17 09:15:13 2004][1328] user dick : session will be saved as
/var/nessus/users/dick/sessions/20041117-091513-index
[Wed Nov 17 09:15:13 2004][1328] user dick starts a new attack. Target(s) :
10.0.1.5,10.0.1.2,10.0.2.2, with max_hosts = 10
[Wed Nov 17 09:15:13 2004][1328] user dick : rejected attempt to scan 10.0.1.5
[Wed Nov 17 09:15:13 2004][1328] user dick : rejected attempt to scan 10.0.1.2
[Wed Nov 17 09:15:13 2004][1328] user dick : rejected attempt to scan 10.0.2.2
[Wed Nov 17 09:15:13 2004][1328] user dick : test complete

(there's nothing output to the dump file, contrary to the log)

just to be sure, i checked the rules for the user dick and here are the relevant
file contents:

$ sudo cat /var/nessus/users/dick/auth/rules
default accept
$ sudo cat /etc/nessus/nessusd.rules
#
# Nessus rules
#
# Syntax : accept|reject address/netmask
# Accept to test anything :
default accept

i've searched for others with similar problems and haven't found any fruitful
links. all suggestions are welcome.

thx for reading,
jake y-p
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
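
An added example, not part of the original post: a small parser for nessusd.messages entries in the format quoted above, which groups rejected targets per user and scan process and shows whether every requested host was refused or only some. The sample log is constructed (user "jane" and her entries are made up), and the verdict labels are hypothetical names chosen for this example.

```python
import re
from collections import defaultdict

# Constructed sample in the nessusd.messages format quoted in the post,
# including mail-style wrapping of long entries. User "jane" is made up.
SAMPLE_LOG = """\
[Wed Nov 17 09:15:13 2004][1328] user dick starts a new attack. Target(s) :
10.0.1.5,10.0.1.2,10.0.2.2, with max_hosts = 10
[Wed Nov 17 09:15:13 2004][1328] user dick : rejected attempt to scan 10.0.1.5
[Wed Nov 17 09:15:13 2004][1328] user dick : rejected attempt to scan 10.0.1.2
[Wed Nov 17 09:15:13 2004][1328] user dick : rejected attempt to scan 10.0.2.2
[Wed Nov 17 09:15:13 2004][1328] user dick : test complete
[Wed Nov 17 09:20:01 2004][1400] user jane starts a new attack. Target(s) :
10.0.1.5,10.0.3.9, with max_hosts = 10
[Wed Nov 17 09:20:01 2004][1400] user jane : rejected attempt to scan 10.0.3.9
"""

HEAD = re.compile(r"^\[[^\]]+\]\[\d+\] ")  # [timestamp][pid] prefix of an entry
START = re.compile(r"\]\[(\d+)\] user (\S+) starts a new attack\. "
                   r"Target\(s\) : (.*?),? with max_hosts")
REJECT = re.compile(r"\]\[(\d+)\] user (\S+) : rejected attempt to scan (\S+)")

def unwrap(text):
    """Join continuation lines (no [timestamp][pid] prefix) onto their entry."""
    entries = []
    for line in text.splitlines():
        if HEAD.match(line) or not entries:
            entries.append(line.strip())
        elif line.strip():
            entries[-1] += " " + line.strip()
    return entries

def summarize(text):
    """Map (user, pid) -> requested targets, rejected targets and a verdict."""
    scans = defaultdict(lambda: {"requested": [], "rejected": []})
    for entry in unwrap(text):
        if s := START.search(entry):
            targets = [t.strip() for t in s[3].split(",") if t.strip()]
            scans[(s[2], s[1])]["requested"] = targets
        elif r := REJECT.search(entry):
            scans[(r[2], r[1])]["rejected"].append(r[3])
    for scan in scans.values():
        req, rej = set(scan["requested"]), set(scan["rejected"])
        # Heuristic: every target refused points at the rule set as a whole,
        # a subset refused points at a rule covering those hosts only.
        scan["verdict"] = ("all-rejected" if req and req <= rej
                           else "partial" if rej else "accepted")
    return dict(scans)
```
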
