I just tried to use it to scan the one thing I wanted to in the first
place but the results have false positives that are wildly off for ssh
on my linux box for example. It is complaining about accounts that I
know don't exist and having just checked again definitely aren't in
/etc/passwd. This didn't happen the last time I scanned before
upgrading. For example root is one of the false positives but I don't
allow root password logins.
Seems my installation is broken.
Should I just try scrapping eveything and starting again?
Hari
On 28/01/07, Hari Sekhon <hpsekhon@googlemail.com> wrote:
I found a posting from the archive and followed it's recommendation
given by Renaud. So I did:
# nessus-fetch --check
nessnessus-fetch is properly configured to receive a direct plugin feed
# nessus-update-plugins
# nessusd
Loading the plugins... 8874 (out of 13845)
------------------------------------------------------------------------------
You are running a version of Nessus which is not configured to receive
a full plugin feed. As a result, your security audits might produce incomplete
results.
To obtain a full plugin feed, you need to register your Nessus scanner
at the following URL :
http://www.nessus.org/register/
------------------------------------------------------------------------------
Loading the plugins... 12648 (out of 13845)[16712]() Including
crypto_func.inc which is not authenticated - losing our authenticated
status
All plugins loaded
So on the one hand it tells me I have a correct direct feed and on the
other hand it says I have a both a feed problem and also some auth
problem related to this crypto_func.inc
Anyone got any ideas on fixing this?
Thanks
Hari
On 28/01/07, Hari Sekhon <hpsekhon@googlemail.com> wrote:
> Hi,
> I have just upgraded my nessus registered installation of 2.2 to
> 2.3 and now it is giving the following message every time I start
> nessud:
>
> ------------------------------------------------------------------------------
> You are running a version of Nessus which is not configured to receive
> a full plugin feed. As a result, your security audits might produce incomplete
> results.
>
> To obtain a full plugin feed, you need to register your Nessus scanner
> at the following URL :
>
> http://www.nessus.org/register/
>
> ------------------------------------------------------------------------------
>
> [21295]() Including crypto_func.inc which is not authenticated -
> losing our authenticated status
>
>
> Does this mean I have to re register? Also, what is the implication of
> the crypto_func.inc message?
>
>
>
> Thanks
> --
> Hari Sekhon
>
--
Hari Sekhon
--
Hari Sekhon
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
