Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Nessus CLI scan: allports? Safe checks no? plugins updated?

from [Douglas Nordwall] Network Security [Permanent Link]
Subject: Re: Nessus CLI scan: allports? Safe checks no? plugins updated?
Date: Thu, 21 Sep 2006 07:04:37 -0700 

On Sep 20, 2006, at 11:35 AM, Staples Todd-G3794C wrote:

All,

I'm running into some trouble running nessus.. Well, a variety of
troubles.  Maybe someone can help me.

I'm trying to run nessus on a "machine" running a carrier grade linux at
kernel 2.6.10. Intel based.

Basically the trouble I'm running into is that I need to have the
following settings for my scans

All ports scanned 1-65535
Safe_checks no (so that the following warning will be no more "The
plugins that have the ability to crash remote services or hosts have
been disabled. You should activate them if you want your security audit
to be complete")
And to have my plugins updated to the latest versions

Problem is, the machine I want to run it against, does not have an
external ethernet connection to the outside world (i.e. internet).  It
is a blade in a chassis that only talks over the chassis' internal
backplane.

I want to run a command line scan with the above parameters from another
blade. None of which do GUI.

this should not be an issue. Nessus comes with a command line client. man nessus will give you a list of options for it, or just "nessus" at the command line will give you a brief list of options.

I'm in a rut trying to configure the server and client to do all ports,
safe_checks no, and cant seem to get my plugins to update. I've tried
downloading the all-2.0.tar.gz file from nessus.org and unpacking it in
the nessus/lib/nessus/plugins directory, but I'm not sure that works.

that does work, actually, as far as I know.

I've also tried the plugin uploading option in both the client config
file /root/.nessusrc and the server config file
nessus/etc/nessus/nessusd.conf

I'm at a loss and out of ideas.  I've seen countless threads on how to
turn safe checks off, none of which have worked, and have seen the
update_nessusrc script which I cant run because my system doesn't have
the perl modules installed.


what I would recommend is setting up a nessus server and client somewhere else and configuring your configuration file (.nessusrc) using the GUI. then copy it over to your client that can connect to a nessus server that is in that network. Make sense?


HELP, I'm swamped.
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus



Doug Nordwall
Unix Administrator
EMSL Computer and Network Support
Unclassified Computer Security
Phone: (509)372-6776; Fax: (509)376-0420
The best book on programming for the layman is "Alice in Wonderland"; but that's because it's the best book on anything for the layman.


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: How to use Nessus 3.0.3 (Linux) with Nmap port scanning, Douglas Nordwall
Next by Date:  Re: How to use Nessus 3.0.3 (Linux) with Nmap port scanning, Michel Arboi
Previous by Thread:  Nessus CLI scan: allports? Safe checks no? plugins updated?, Staples Todd-G3794C
Next by Thread:  SCANNING JOB WAS OUT OF PORT RANGE..!, ruud van lee
Indexes:  [Date] [Thread] [Top] [All Lists]