Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Nessus Update Plugins?

from [Alagesan, Deva] Network Security [Permanent Link]
Subject: RE: Nessus Update Plugins?
Date: Tue, 25 Apr 2006 17:48:48 +0530 
Hi,

 

[root]# ls  /usr/local/etc/nessus/                                              
                                                          
nessusd.conf  nessusd.rules  nessus-fetch.rc


[root]# more /usr/local/etc/nessus/nessus-fetch.rc                              
                                               
login=
password=

proxy=
proxy_port=
proxy_username=
proxy_password=
[root]# 

 

We can specify the proxy details in this file. If the file is not found create 
a file like this in the correct path.

 

Regards,

Deva

 

 

________________________________

From: Brendan Bush [mailto:Brendan.Bush@wao.gov.uk] 
Sent: Tuesday, April 25, 2006 10:19 AM
To: Alagesan, Deva
Subject: RE: Nessus Update Plugins?

 

Thanks Deva!

I've already tried point 1) (as I stated esrlier), and the machine does not 
have full Internet access, as it's sitting behind a web proxy server - that is 
the whole problem!!!

I know that I need to enter the details of the web proxy server in the 
nessus-fetch.rc file, but I can't find it, or don't appear to have one on the 
laptop!?

Any more help, greatfully received!

Thanks!

BB

 

From: Alagesan, Deva [mailto:deva.alagesan@genpact.com]
Sent: Monday, 24 April, 2006 19:46
To: Brendan Bush; nessus@list.nessus.org
Subject: RE: Nessus Update Plugins?

Hi,

 

1) Try to find the path for nessus-fetch binary.. If it is 
/usr/local/bin/nessus-fetch. Use & exceute [root] /usr/local/bin/nessus-fetch 
--register xxxx-xxxx-xxxx-xxxx-xxxx

 

2) Also check is the linux machine is having Full internet access for this 
error "could not connect to plugins.nessus.org - Operation now in progress"

 

 

Don't do any other steps apart from this. No need to use all-2.0.ta.gz file 
also.. So goahead with the above steps...

 

Regards,

Deva

 

From: nessus-bounces@list.nessus.org on behalf of Brendan Bush
Sent: Mon 4/24/2006 6:05 PM
To: nessus@list.nessus.org
Subject: Nessus Update Plugins?

Hi!

I'm a relative newbie to Linux but have been given the task to undertake the 
installation of Nessus on a laptop to use as a machine to test for 
vulnerabilities on servers.

I've installed RedHat 9 (including latest updates) on a Toshiba Satellite Pro 
6100 (Pentium 4, 1700MHz CPU) with 512MB RAM, and then installed Nessus 2.2.7 
(via the source code, as I couldn't get the installer to work.)

I've created a user for the Nessus client, but I can't get the Update Plugins 
to install automatically.

The Nessus web site says, for a manual update to the plugins, you need to 
register and then follow the instructions in the e-mail you are sent, which 
tells you to execute the following command:

/opt/nessus/bin/nessus-fetch --register xxxx-xxxx-xxxx-xxxx-xxxx

I've tried this but this gives the output: "bash: /opt/nessus/bin/nessus-fetch: 
No such file or directory", as there is nothing in the /opt/ folder!

There are, though, copies of 'nessus-fetch' in /usr/local/bin/ & 
/root/nessus-core/nessu-fetch/

If I try swapping these locations into the command to execute, above, I still 
get, though:

"could not connect to plugins.nessus.org - Operation now in progress"

And nothing happens.

I can download the "all-2.0.tar.gz" file and extract it though, but don't know 
where to put the "*.nasl" files that come from it! (That's if it's actually 
possible to configure the software/updates this way!?

I did then try typing-in:

"/root/nessus-core/nessu-fetch/ --plugins"

And I got the output:

"Could not locally open all-2.0.ta.gz - file exists"!

We run a proxy server, though you don't have to log-in to get to the Internet. 
I've got the Mozilla browser configured, that comes with RedHat, with the 
Manual proxy configuration for our proxy server and port (under 'Edit' > 
'Preferences' > 'Advanced' > 'Proxies') for HTTP, SSL, FTP, Gopher & SOCKS 
(v.5), and have also configured the 'Network Proxy', under 'Preferences' (in 
RedHat), manually with the same settings as in the browser.

I've come across the file, "nessus-update-plugins.8", at: 
/root/nessus-plugins/docs/ which says, under 'PROXIES', "If you are behind a 
web proxy, then read the manual page of nessus-fetch to configure nessus-fetch 
with a proper proxy support."

I've found "nessus-fetch.1", of manual page type, and gone down to the "PROXY 
SUPPORT" section, where it says,

"If you need to connect to the internet through a proxy, nessus-fetch can be 
configured to use one. Simply edit the file

nessus-fetch.rc

and add the following lines, changing the appropriate values where necessary:

proxy=192.169.0.1

proxy_port=3128

proxy_username=renaud

Proxy_password=s3cr3t"

Unfortunately I cannot find a "nessus-fetch.rc" file, though I did find a 
'nessus-fetch.c' file located at:

/root/nessus-core/nessus-fetch/

Though not sure of any definite place within this file that could be edited 
with the above text!

Help!!! Can anyone advise me how I can get this set-up to update the plugins 
automatically, or, if not, where I might be able to place the NASL 
files/plugins/updates I've already extracted?

Thanks! I'm in a bit of a rush for this! Need it sorted by the end of the 
afternoon, if possible!!!!!

Brendan B.

Brendan BUSH - WAO ICT/ Adran TGaCh SAC

Research & Development Officer/ Swyddog Ymchwil a Datblygiad

Deri House, 2-4, Park Grove, CARDIFF, CF10 3PA.

E-mail/E-bost: Brendan.Bush@wao.gov.uk

Tel. no./Rhif. ffon.: (029) 2026-2635

Mob. no./Rhif symudol.: 07779 625536

 

This email and any attached files is private. If you are not the intended 
recipient please destroy all copies and inform the sender by return e-mail. 

This message has been scanned for viruses by BlackSpider MailControl. 

For further information on the Wales Audit Office and details of other ways to 
contact us please visit our website at www.wao.gov.uk. 

Mae'r ebost hwn ac unrhyw ffeiliau atodedig yn breifat. Os nad atoch chi y 
bwriadwyd anfon yr ebost hwn dylech ddinistrio pob copi a hysbysu'r anfonwr 
drwy anfon ebost yn ôl atynt. 

Mae'r neges hon wedi cael ei harchwilio am firysau gan BlackSpider MailControl 

I gael gwybodaeth bellach am Swyddfa Archwilio Cymru a manylion am ffyrdd 
eraill o gysylltu â ni, ewch i'n gwefan.

Click here <https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg==>  to report 
this email as spam.


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Nessus Update Plugins?, Brendan Bush
Next by Date:  Hydra + Nessus : Unsupported server command: FILE_ACCEPTED, LE GUELLEC Goulven DF/SBR
Previous by Thread:  RE: Nessus Update Plugins?, Brendan Bush
Next by Thread:  [7760] Could not allocate a pointer size, Chris Karr
Indexes:  [Date] [Thread] [Top] [All Lists]