Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Command Line and GUI Differences

from [Off to Oz] Network Security [Permanent Link]
Subject: Command Line and GUI Differences
Date: Tue, 14 Dec 2004 17:23:01 -0500 
All,

I am using Nessus 2.2.1 on FC2 with X and Gnome.
I do not have NMAP installed on this box.

When I run a scan on 10 IPAs (1 Alive) with the GUI, I can see that
nessus runs the ping_host.nasl first on all the 10. It then does the
synscan.nes on the host that is alive. After the synscan it checks
with a bunch of different plugins on the live host. It is not able to
ping the other nine and so it just skips over them which is fine and
dandy.

I use the .nessusrc file from the above scan and run a scan using the
command line client and now nessus does not run the ping_host.nasl or
even the synscan.nes. It just goes out full-blown with a bunch of
plugins on all the hosts. It does not seem to care if they're alive or
not.

Can someone please explain why? I have pasted the nessusd.conf and
nessusrc files here with this mail.

Thanks a lot in advance.

Keys.


****************Nessusd.conf
****************************************************
#
# Configuration file of the Nessus Security Scanner
# See the manpage for nessusd(8) for more information.
#

# Server options
plugins_folder = /usr/lib/nessus/plugins
logfile = /var/nessus/logs/nessusd.messages
dumpfile = /var/nessus/logs/nessusd.dump
log_whole_attack = yes
max_hosts = 8
max_checks = 8
max_threads = 50
be_nice = yes
users = /etc/nessus/nessusd.users
rules = /etc/nessus/nessusd.rules
language = english
cgi_path = /cgi-bin:/scripts
port_range = default
optimize_test = yes
#language = francais
checks_read_timeout = 5
non_simult_ports = 139, 445
plugins_timeout = 320
safe_checks = yes
auto_enable_dependencies = no
use_mac_addr = no
save_knowledge_base = no
kb_restore = no
only_test_hosts_whose_kb_we_dont_have = no
only_test_hosts_whose_kb_we_have = no
kb_dont_replay_scanners = no
kb_dont_replay_info_gathering = no
kb_dont_replay_attacks = no
kb_dont_replay_denials = no
kb_max_age = 864000
n_upload = no
plugin_upload_suffixes = .nasl, .inc
admin_user = root
slice_network_addresses = no


# Crypto options
peks_username = nessusd
peks_keylen = 1024
peks_keyfile = /etc/nessus/nessusd.private-keys
peks_usrkeys = /etc/nessus/nessusd.user-keys
peks_pwdfail = 5


#
# Added by nessus-mkcert
#
cert_file=/usr/com/nessus/CA/servercert.pem
key_file=/var/nessus/CA/serverkey.pem
ca_file=/usr/com/nessus/CA/cacert.pem
# If you decide to protect your private key with a password, 
# uncomment and change next line
# pem_password=password
# If you want to force the use of a client certificate, uncomment next line
# force_pubkey_auth = yes

**************************************************************************************

*******************RC File for All But Dangerous Plugins selected **************
Trimmed the plugin_set for sanity
# This file was automagically created by nessus
trusted_ca = /usr/com/nessus/CA/cacert.pem
nessusd_host = localhost
nessusd_user = user
paranoia_level = 1
begin(SCANNER_SET)
 10180 = yes
 10278 = yes
 10331 = no
 10335 = yes
 10841 = no
 10336 = no
 10796 = no
 11219 = yes
 14259 = no
 14272 = no
 14274 = no
 14663 = no
 11840 = no
end(SCANNER_SET)

begin(SERVER_PREFS)
 max_hosts = 8
 max_checks = 8
 log_whole_attack = yes
 max_threads = 50
 language = english
 cgi_path = /cgi-bin:/scripts
 port_range = default
 optimize_test = yes
 checks_read_timeout = 5
 non_simult_ports = 139, 445
 plugins_timeout = 320
 safe_checks = yes
 auto_enable_dependencies = yes
 use_mac_addr = no
 save_knowledge_base = no
 kb_restore = no
 only_test_hosts_whose_kb_we_dont_have = no
 only_test_hosts_whose_kb_we_have = no
 kb_dont_replay_scanners = no
 kb_dont_replay_info_gathering = no
 kb_dont_replay_attacks = no
 kb_dont_replay_denials = no
 kb_max_age = 864000
 n_upload = no
 plugin_upload_suffixes = .nasl, .inc
 slice_network_addresses = no
 save_session = yes
 save_empty_sessions = yes
 host_expansion = ip
 ping_hosts = no
 reverse_lookup = no
 detached_scan = no
 continuous_scan = no
 unscanned_closed = no
 plugin_upload = no
end(SERVER_PREFS)

begin(SERVER_INFO)
 server_info_nessusd_version = 2.2.1
 server_info_libnasl_version = 2.2.1
 server_info_libnessus_version = 2.2.1
 server_info_thread_manager = fork
 server_info_os = Linux
 server_info_os_version = 2.6.5-1.358
end(SERVER_INFO)

begin(RULES)
end(RULES)

begin(PLUGIN_SET)
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Solaris 8 compile issues, David Henning
Next by Date:  unscanned_closed not always working?, Jason Haar
Previous by Thread:  NessusWX 1.4.4-np and msvcr711.dll, Mercer, Jeff
Next by Thread:  Re: Command Line and GUI Differences, Erik Stephens
Indexes:  [Date] [Thread] [Top] [All Lists]