I've installed 2.2.8 yesterday upon recommendation that it was the
latest in the 2.x series and scanned my subnet from the command line
using the client as follows:
nessus -c .nessusrc -T html_graph -q localhost 1241 myuser mypassword
targetfile nessus_results -x
The graphs and html were all generated so I took a look at them through
apache. It seems that the pages have broken links, perhaps not all the
html was generated correctly.
eg.
http://mywebserver/nessus_results/ip_address/index.html
works fine but contains lines like
/ssh (22/tcp)
<http://hermes/nessus_results/192_168_1_150/index.html#192_168_1_150_22_tcp>//
<http://hermes/nessus_results/192_168_1_150/index.html#192_168_1_150_22_tcp>
(Security notes found)/
where the link that /ssh (22/tcp)
<http://hermes/nessus_results/192_168_1_150/index.html#192_168_1_150_22_tcp>
/points to is
http://mywebserver/nessus_results/ip_address/index.html#ip_address_port_tcp
but this anchor doesn't exit and the page isn't big enough to really
contain it.
A lot of pages have these broken links but I've just found one that
actually works as expected and has some service information lower down
on the page, anchored so the links in the port listings work.
I'm not sure if this is by design or by fault but a lot of pages are
also missing the pie charts at the top to show the percentages of
security risks.
It seems that the pages with the broken links and missing service
information are also the same pages with the missing pie charts at the
top, so it seems that those pages were not constructed properly, despite
the fact those machines have lots of open ports listed.
Any help appreciated.
-h
/
<http://hermes/nessus_results/192_168_1_150/index.html#192_168_1_150_22_tcp>/
--
Hari Sekhon
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
