
RE: Results display & mitigation marking tool?

Subject: RE: Results display & mitigation marking tool?
Date: Mon, 25 Apr 2005 10:50:45 -0400
Thanks for the suggestions.  After looking around on google, the closest
thing to what I want is ActiveWidgets, a free Windows-like widget set
written in javascript that can display data spreadsheet-style.  It
doesn't seem to have any database link, though, and making that part
work without knowing javascript seemed like way too much effort to me.
I need this to use a db because of the large number of hosts involved.  

I decided to add the mitigation marking to my existing display tool.
It's mostly done now, if anyone wants the code let me know.  

 

-----Original Message-----
From: Chuck [mailto:chuck.lists@gmail.com] 
Sent: Monday, April 25, 2005 10:24 AM
To: Fender, Brian
Cc: nessus@list.nessus.org
Subject: Re: Results display & mitigation marking tool?

This may not be exactly what you are asking for, but it might be helpful
to you and I am interested to hear if this is a valid methodology (and
if better ones exist) from others on the list :-)  If you follow this
technique, the "first-not-second" file will end up with issues that were
found in the first scan, but not in the second (i.e. have been remedied)
and the "second-not-first" file will have new issues that have appeared
since the first scan.

NOTE: This is intended for use in scanning the same systems twice at
different times.  It should account for limited changes such as new
systems coming online.  It probably will not handle dynamically assigned
addresses (such as DHCP).  You may be able to use the Nessus "report by
MAC" option to account for that, but I haven't tried.  As always, sanity
check the results before relying on them.

To compare the results of two nessus scans:

1. Run two nessus scans, saving output to .nbe files (you can save other
formats as well, I recommend XML, but .nbe is required for this
process)

2. Sort both files with sort
sort file1.nbe > first.nbe
sort file2.nbe > second.nbe

3. Use diff to get list of items in the first not in the second file:
diff first.nbe second.nbe | grep '^<' | cut -d' ' -f 2- > first-not-second.nbe

4. Use diff to get list of items in the second not in the first file:
diff first.nbe second.nbe | grep '^>' | cut -d' ' -f 2- > second-not-first.nbe

5. Convert new nbe files to another format for reporting (xml or html)
with:

nessus -i first-not-second.nbe -o first-not-second.xml

  or

nessus -i first-not-second.nbe -o first-not-second.html

On 4/24/05, Fender, Brian <Brian.Fender@il.proquest.com> wrote:
Do any tools exist to display nessus results from multiple scans, and
mark results as why they're mitigated or not?

I have my nessus and nmap results being imported into a database.  I'm
looking for something that will let me view and modify my data
excel-style.  It's easy to dump the data out in an html table, but gets
harder when you want to select and modify cells.

-Brian
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
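
The two-scan comparison from Chuck's steps 2-4, as an added example that is not code from the thread: it goes slightly beyond the sort/diff approach by matching findings on host, port and plugin id, so timestamp lines and reworded descriptions do not show up as changes. The function name `nbe_only_in`, the assumed NBE field layout and all sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: list findings present in one .nbe export but not in another,
# matching on host|port|plugin_id instead of the whole line.
# Assumed NBE layout: results|subnet|host|port|plugin_id|severity|description

# nbe_only_in A B: print the "results" lines of A whose key does not occur in B.
nbe_only_in() {
    awk -F'|' '
        $1 != "results" || $5 == "" { next }   # skip timestamps and port-only lines
        { key = $3 "|" $4 "|" $5 }
        pass == 1 { seen[key] = 1; next }      # first pass: remember keys of B
        !(key in seen)                         # second pass: print lines of A not in B
    ' pass=1 "$2" pass=2 "$1"
}

# Constructed sample data (hosts, plugin ids and text are made up).
demo=$(mktemp -d)
cat > "$demo/first.nbe" <<'EOF'
timestamps|||scan_start|Mon Apr 18 10:00:00 2005|
results|192.0.2|192.0.2.10|ssh (22/tcp)
results|192.0.2|192.0.2.10|ssh (22/tcp)|90001|Security Note|Remote SSH version : 3.8
results|192.0.2|192.0.2.10|http (80/tcp)|90002|Security Warning|TRACE is enabled <br> here
timestamps|||scan_end|Mon Apr 18 10:20:00 2005|
EOF
cat > "$demo/second.nbe" <<'EOF'
timestamps|||scan_start|Mon Apr 25 10:00:00 2005|
results|192.0.2|192.0.2.10|ssh (22/tcp)
results|192.0.2|192.0.2.10|ssh (22/tcp)|90001|Security Note|Remote SSH version : 3.9
results|192.0.2|192.0.2.20|smtp (25/tcp)|90003|Security Note|An SMTP server is listening
timestamps|||scan_end|Mon Apr 25 10:25:00 2005|
EOF

echo "Remediated (in first scan, not in second):"
nbe_only_in "$demo/first.nbe" "$demo/second.nbe"
echo "New (in second scan, not in first):"
nbe_only_in "$demo/second.nbe" "$demo/first.nbe"
```

The SSH finding appears in neither list even though its description text changed between scans, because its host, port and plugin id are the same in both files.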
