Network Security: Detailed info on Re: Nessus report with zero hosts found

Subject:	Re: Nessus report with zero hosts found
Date:	Tue, 23 Aug 2005 10:10:10 +0800

Hi everyone:
 I compile nessus 2.2.3 under Cygwin,nessusd -d shows:

This is Nessus 2.2.3 for CYGWIN_NT-5.1 1.5.18(0.132/4/2)
compiled with gcc version 3.4.4 (cygming special) (gdc 0.12, using dmd 0.125
)
Current setup :
nasl : 2.2.3
libnessus : 2.2.3
SSL support : enabled
SSL is used for client / server communication
Running as euid : 1005
Include these infos in your bug reports
 And yes , all C plugins do not work, actually I cannot compile C plugins 
into .nes, it always complains "Warning: I can find ....but I cannot find a 
share version..." because it cannot find
libnessus.so,libnasl.so,libhosts_gatherer.so
in my C:\cygwin\usr\local\lib\
 When I scan my machine where nessusd runs, it seems to work well, but when 
I try to scan other machine, it can not find anything,
nessusd.messagesshows like this:
 [Tue Aug 23 09:12:58 2005][3688] connection from
192.168.0.132<http://192.168.0.132>
[Tue Aug 23 09:12:59 2005][140] Client requested protocol version 12. 
[Tue Aug 23 09:12:59 2005][140] successful login of root from
192.168.0.132<http://192.168.0.132>
[Tue Aug 23 09:13:27 2005][140] Redirecting debugging output to 
/usr/local/var/nessus/logs/nessusd.dump 
[Tue Aug 23 09:16:32 2005][140] user root : session will be saved as 
/usr/local/var/nessus/users/root/sessions/20050823-091632-index
[Tue Aug 23 09:16:50 2005][140] user root starts a new scan. Target(s) : 
192.168.0.100 <http://192.168.0.100>, with max_hosts = 16 and max_checks = 
10 
[Tue Aug 23 09:16:51 2005][140] user root : testing
192.168.0.100<http://192.168.0.100>(
192.168.0.100 <http://192.168.0.100>) [2636] 
[Tue Aug 23 09:16:56 2005][2636] user root : new KB will be saved as 
/usr/local/var/nessus/users/root/kbs/192.168.0.100
[Tue Aug 23 09:16:57 2005][2636] user root : launching ssh_settings.nasl 
against 192.168.0.100 <http://192.168.0.100> [2816] 
[Tue Aug 23 09:16:57 2005][2636] user root : launching global_settings.nasl 
against 192.168.0.100 <http://192.168.0.100> [1872] 
[Tue Aug 23 09:16:57 2005][2636] ssh_settings.nasl (process 2816) finished 
its job in 0.268 seconds 
[Tue Aug 23 09:16:57 2005][2636] global_settings.nasl (process 1872) 
finished its job in 0.126 seconds 
[Tue Aug 23 09:16:57 2005][2636] user root : launching ping_host.nasl 
against 192.168.0.100 <http://192.168.0.100> [3376] 
[Tue Aug 23 09:16:58 2005][2636] ping_host.nasl (process 3376) finished its 
job in 1.253 seconds 
[Tue Aug 23 09:16:58 2005][2636] user root : launching logins.nasl against 
192.168.0.100 <http://192.168.0.100> [3752] 
[Tue Aug 23 09:16:58 2005][2636] user root : The remote host
(192.168.0.100<http://192.168.0.100>)
is dead 
[Tue Aug 23 09:16:59 2005][2636] Finished testing
192.168.0.100<http://192.168.0.100>.
Time : 7.50 secs 
[Tue Aug 23 09:16:59 2005][140] user root : test complete
[Tue Aug 23 09:16:59 2005][140] user root : Nothing interesting found - 
deleting the session 
 and nessusd.dump shows:
 Error opening adapter: 系统找不到指定的设备 // system cannot find the device
 And last, when I scan my machine, it is not very slow compared to run 
nessus in virtual machine.
 Anybody has rewritten find_service in NASL or How can I compile C plugins 
under Cygwin ?
 Thanks in advance
 Rick
 
 2005/8/19, Michel Arboi <mikhail@nessus.org>:


On Thu Aug 18 2005 at 09:33, Fengwei wrote:

I downloaded the nessus source code and have built on cygwin
successfully (actually unknown, that's why I'm testing it)


I did this a long time ago, before NeWT existed, because in one
special case, I needed Nessus on Windows.
IIRC:
- C plugins will not work, so you'll need a way to portscan the
targets. Now, the best way is probably to use the NASL nmap wrapper,
but when I did that, it was still a C wrapper so I rewrote a port
scanner in NASL.
- worse, find_service is still in C, so you must rewrite it in
NASL. The result will be slow as NASL does not provide any way to
multithread the script. Without find_service, the scan report is
worthless.
- a couple of other C plugins will have to be rewritten or removed.
- I don't remember exactly, but I think there was a problem with raw
sockets. Either they were not reliable, or needed some hacking to work
with WinPcap. BTW, I suspect that you ran into a problem with 
ping_host.nasl
- and last but not least, as Cygwin emulates Unix fork, the resulting
software is *very* slow.

IMHO, running Nessus on Cygwin is rather brain damaged now. Unless
this is a programming challenge :)

--
http://arboi.da.ru/
PGP key ID : 0x0BBABA91 - 0x1320924F0BBABA91
Fingerprint: 1048 B09B EEAF 20AA F645 2E1A 1320 924F 0BBA BA91
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

<Prev in Thread]	Current Thread	[Next in Thread>
Nessus report with zero hosts found, Fengwei Re: Nessus report with zero hosts found, Renaud Deraison Re: Nessus report with zero hosts found, Michel Arboi Re: Nessus report with zero hosts found, Rick L.Y. Eagles <= Re: Nessus report with zero hosts found, Rick L.Y. Eagles RE: Nessus report with zero hosts found, PaJohnston

Previous by Date:	RE: NessusWX v GTK client, net sec
Next by Date:	SMB credentials and Administrator lockouts, net sec
Previous by Thread:	Re: Nessus report with zero hosts found, Michel Arboi
Next by Thread:	Re: Nessus report with zero hosts found, Rick L.Y. Eagles
Indexes:	[Date] [Thread] [Top] [All Lists]