
RE: NessusWX detached scan revisited again

Subject: RE: NessusWX detached scan revisited again
Date: Wed, 23 Mar 2005 13:37:40 -0600
Thank you, Renaud, for explaining things.  I now have a little more
direction.  And I agree with the philosophy that "Nessus is a _scanner_,
an engine, not an all-in-one vulnerability management tool", which many
of us seem to forget.  There is an old article
http://productguide.itmanagersjournal.com/print.pl?sid=05/03/12/142205
which says "We were not so impressed by Internet Scanner 7.0 or Nessus
2.0.6, both of which lack the strong reporting capabilities of Qualys
and Foundstone, as well as the ability to map networks, track
remediation efforts, and automate scans and updates to the
vulnerabilities database."  They just did not understand the philosophy
of making a tool that does one thing well.


Jimmy Crossley
Jcrossley-at-conetrix-dot-com


-----Original Message-----
From: nessus-bounces@list.nessus.org
[mailto:nessus-bounces@list.nessus.org] On Behalf Of Renaud Deraison
Sent: Wednesday, March 23, 2005 13:05
To: nessus@list.nessus.org
Subject: Re: NessusWX detached scan revisited again

On Wed, Mar 23, 2005 at 12:55:28PM -0600, Jimmy Crossley wrote:
> So the options are either to use batch mode with the Windows scheduler
> for NessusWX or using the regular Nessus client with the batch-mode
> option, right?  Keeping a session tied up while the scan is running is
> not an option for us, since we all use laptops and take them with us
> everywhere we go.  Not being able to run detached scans makes things
> more complicated and more difficult for non-technical people to run
> scans.  We had planned on having non-technical people run the scans and
> then the more technical people review the reports.  I, myself, like
> being able to go through the GUI, piece by piece, and when I get
> everything set like I want it, start the scan and let it send me email
> when it's finished.

Detached scans were written a very, very long time ago when the
communication channel between Nessus and the client was buggy at best 
(this is from the pre-OpenSSL days, back in 0.x, when nessusd would
close the communication channel due to a "lack of entropy"). It was
mostly implemented as a band-aid at the time.

We now have a robust communication channel which makes the sessions
unnecessary, and the sessions actually messed up the code more than
what I could sustain, which is why I removed the feature altogether - as
I have said numerous times, Nessus is a _scanner_, an engine, not an 
all-in-one vulnerability management tool. 

What you probably want to do is to move away from sessions and use
a web interface instead. There are several interfaces to Nessus out
there, both free (GPL) and commercial (just avoid giving money to one of
these companies which have never contributed anything back to the
project except insults about me behind my back).


                                -- Renaud
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus