Is there a plugin anyone has created that will send an alert if the Symantec
Version is not the latest one? There are some serious vulnerabilities in the
earlier versions however the only plugin I see simply checks to see if a
password vulnerability exists that was in versions prior to 5.x
Thanks,
Daryl
-----Original Message-----
From: nessus-bounces@list.nessus.org [mailto:nessus-bounces@list.nessus.org] On
Behalf Of nessus-request@list.nessus.org
Sent: Tuesday, January 30, 2007 12:00 PM
To: nessus@list.nessus.org
Subject: Nessus Digest, Vol 39, Issue 24
Send Nessus mailing list submissions to
nessus@list.nessus.org
To subscribe or unsubscribe via the World Wide Web, visit
http://mail.nessus.org/mailman/listinfo/nessus
or, via email, send a message with subject or body 'help' to
nessus-request@list.nessus.org
You can reach the person managing the list at
nessus-owner@list.nessus.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Nessus digest..."
Today's Topics:
1. Nessus and Windows XP,Internet Explorer and Firefox
(Michele Costantino)
2. Local Administrator vs. Local Account with Administrative
Privledges (Beau Nuanes)
3. Error with internet explorer... (Michele Costantino)
4. Source Code of Plugins (Michael Wisniewski)
5. Re: Source Code of Plugins (Doug Nordwall)
6. RE: Error with internet explorer... (John Scherff)
7. Re: Source Code of Plugins (Renaud Deraison)
8. altering nessus knowledge base files (Sk8board Kid)
9. Scanning external-lan computer, no results? (Michele Costantino)
10. Re: altering nessus knowledge base files (Doug Nordwall)
11. Re: Scanning external-lan computer, no results? (Doug Nordwall)
12. Re: Scanning external-lan computer, no results? (Richard Moore)
13. Re: Scanning external-lan computer, no results? (Doug Nordwall)
14. Re: Scanning external-lan computer, no results?
(Javier Fern?ndez-Sanguino)
15. Re: Scanning external-lan computer, no results? (Doug Nordwall)
----------------------------------------------------------------------
Message: 1
Date: Mon, 29 Jan 2007 21:54:03 +0100
From: "Michele Costantino" <m.costantino@tin.it>
Subject: Nessus and Windows XP,Internet Explorer and Firefox
To: <nessus@list.nessus.org>
Message-ID: <000001c743e7$9c30f8f0$0200a8c0@workstation>
Content-Type: text/plain; charset="us-ascii"
Since the latest Nessus release won't work with Internet Explorer 7 (And 6
with all the patches), i decided to install FireFox and set it as the
default browser in Windows XP.
It does't work neither with FireFox!
I get this message once fired up:
Script Error
Line: 32
Character: 4
Error: Method or property not supported by the object
Bla bla bla
(It's a translation..i get the message in italian and not in english).
Sorry for my bad english!!!
Any way of making Nessus work in windows xp?
------------------------------
Message: 2
Date: Mon, 29 Jan 2007 17:02:42 -0700
From: "Beau Nuanes" <bnuanes@ssg-inc.net>
Subject: Local Administrator vs. Local Account with Administrative
Privledges
To: Nessus <nessus@list.nessus.org>
Message-ID: <20070130000242.02aeb89c@mail1.ssg-inc.net>
Content-Type: text/plain; charset="us-ascii"
Hello,
I have been scanning 2 Windows 2000 hosts in a test environment recently and
noticed that when I supply credentials for the local "Administrator" account I
get very limited results (known holes that are on the machine do not show up on
the report for the scan). However, if I then create a user on the machines
with administrative privledges (ie in the administrator group) and use those
credentials I get the expected results from the scan.
Is it not possible to actually use the local "Administrator" account with
Nessus?
Thanks in advance for the help.
Beau Nuanes
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://mail.nessus.org/pipermail/nessus/attachments/20070129/c2fc56de/attachment.html
------------------------------
Message: 3
Date: Mon, 29 Jan 2007 14:42:25 +0100 (CET)
From: "Michele Costantino" <m.costantino@computerteam.it>
Subject: Error with internet explorer...
To: nessus@list.nessus.org
Cc: nessus_at_list.nessus.org@computerteam.it
Message-ID:
<1701.172.50.1.5.1170078145.squirrel@webmail.computerteam.it>
Content-Type: text/plain;charset=iso-8859-1
I've downloaded and installed nessus onwindows xp.
I get the below error with internet explorer , so i changed the default
brower to firefox, but the error persists.
Line:152
Char:5
Error: Automation server can't create object
Code:0
URL: res://C:\Program Files\Tenable\Nessus\HTML.dll/scantarget.htm
Any suggestion?
------------------------------
Message: 4
Date: Mon, 29 Jan 2007 10:58:33 -0600
From: "Michael Wisniewski" <wiz561@gmail.com>
Subject: Source Code of Plugins
To: nessus@list.nessus.org
Message-ID:
<9314ecb90701290858v3d4266ddtedddd634936feb94@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
Hi!
Just wondering if anybody knows what happened to the source code of the
plugins on the nessus site. You use to be able to view all the non-direct
feed source code, and now it doesn't seem like you are able to. Did I miss
something?
Thanks,
Mike
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://mail.nessus.org/pipermail/nessus/attachments/20070129/c4347264/attachment.htm
------------------------------
Message: 5
Date: Mon, 29 Jan 2007 20:02:25 -0500
From: "Doug Nordwall" <raleel@gmail.com>
Subject: Re: Source Code of Plugins
To: "Michael Wisniewski" <wiz561@gmail.com>
Cc: nessus@list.nessus.org
Message-ID:
<752305c00701291702r539a4cd7g34db361aec504ae9@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
not sure. i noticed the other day the url changed. perhaps a migration to a
new format to make sure the code only goes to those who actually download
it?
On 1/29/07, Michael Wisniewski <wiz561@gmail.com> wrote:
Hi!
Just wondering if anybody knows what happened to the source code of
the plugins on the nessus site. You use to be able to view all the
non-direct feed source code, and now it doesn't seem like you are able to.
Did I miss something?
Thanks,
Mike
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
--
Doug Nordwall
Unix, Network, and Security Administrator
Noise proves nothing. Often a hen who has merely laid an egg cackles as if
she laid an asteroid. -- Mark Twain
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://mail.nessus.org/pipermail/nessus/attachments/20070129/5c9cbbd8/attachment.htm
------------------------------
Message: 6
Date: Mon, 29 Jan 2007 19:49:30 -0800
From: "John Scherff" <JScherff@24hourfit.com>
Subject: RE: Error with internet explorer...
To: <m.costantino@computerteam.it>
Cc: nessus@list.nessus.org
Message-ID:
<169658C0C845EC438759DB8B8BC706540A0D885B@NOC-EXCH1.24hourfit.com>
Content-Type: text/plain; charset="us-ascii"
Why would anybody do this? Why aren't you using NessusGUI.exe?
-----Original Message-----
From: nessus-bounces@list.nessus.org
[mailto:nessus-bounces@list.nessus.org] On Behalf Of Michele Costantino
Sent: Monday, January 29, 2007 5:42 AM
To: nessus@list.nessus.org
Cc: nessus_at_list.nessus.org@computerteam.it
Subject: Error with internet explorer...
I've downloaded and installed nessus onwindows xp.
I get the below error with internet explorer , so i changed the default
brower to firefox, but the error persists.
Line:152
Char:5
Error: Automation server can't create object
Code:0
URL: res://C:\Program Files\Tenable\Nessus\HTML.dll/scantarget.htm
Any suggestion?
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
------------------------------
Message: 7
Date: Tue, 30 Jan 2007 09:15:07 +0100
From: Renaud Deraison <deraison@nessus.org>
Subject: Re: Source Code of Plugins
To: Michael Wisniewski <wiz561@gmail.com>, Nessus List
<nessus@list.nessus.org>
Message-ID: <84E8BF63-C109-478C-AFB6-30326F7D4EA7@nessus.org>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
On Jan 29, 2007, at 5:58 PM, Michael Wisniewski wrote:
Hi!
Just wondering if anybody knows what happened to the source
code of the plugins on the nessus site. You use to be able to view
all the non-direct feed source code, and now it doesn't seem like
you are able to. Did I miss something?
www.nessus.org is currently running on our replicated server while
the main box is being moved. The replicated system is almost as
functional as the main site, except for the source code of the
plugins (and bugs.nessus.org and cgi.nessus.org are down).
Hopefully, everything will be back to normal next thursday sorry for
the inconvenience,
-- Renaud
------------------------------
Message: 8
Date: Tue, 30 Jan 2007 10:40:59 +0000
From: "Sk8board Kid" <sk8boardkid@gmail.com>
Subject: altering nessus knowledge base files
To: nessus@list.nessus.org
Message-ID:
<21ea48f10701300240w323d1814s227b72d9ab4a7a18@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
I would like to launch nessus from the command line using my nessus
server on 127.0.0.1 in linux but would like it to skip the
portscanning and use a list of ports that i specify instead.
I thought I could create a kb in
/opt/nessus/var/nessus/users/nessus/kbs/127/0/0/127.0.0.1
with the following content:
1170151262 3 Launched/10180=1
1170151262 3 Launched/10335=1
1170151262 3 Ports/tcp/80=1
1170151262 3 Ports/tcp/443=1
1170151262 3 Host/scanned=1
1170151262 3 Host/scanners/nessus_tcp_scanner=1
drwx------ 2 root root 4096 Jan 30 10:23 .
drwx------ 3 root root 4096 Jan 29 15:04 ..
-rw-r----- 1 root root 193 Jan 30 10:21 127.0.0.1
although the scan seems to work as expected, the kbs file is not
updated with the scans results.
If i remove the file nessus runs from scratch saving it's kb with all the info.
Is there another way to do get the desired effect?
Thanks
------------------------------
Message: 9
Date: Tue, 30 Jan 2007 13:07:08 +0100
From: "Michele Costantino" <m.costantino@tin.it>
Subject: Scanning external-lan computer, no results?
To: <nessus@list.nessus.org>
Message-ID: <002401c74467$2ab9fa20$0200a8c0@workstation>
Content-Type: text/plain; charset="us-ascii"
I've tryed a lot of "internet connected" computer (even another pc connected
via modem to internet), but after some seconds, i get the classic "no
vulnerabilities found"; instead if i scan a local pc (via lan) it tooks some
time, and i get the correct report.
Any info on why i cannot scan other computers?
Sorry for my english!
PS:
For the question about internet explorer,i've found a solution:
regsvr32 scan.dll
And the error has gone away!
------------------------------
Message: 10
Date: Tue, 30 Jan 2007 07:58:20 -0500
From: "Doug Nordwall" <raleel@gmail.com>
Subject: Re: altering nessus knowledge base files
To: "Sk8board Kid" <sk8boardkid@gmail.com>
Cc: nessus@list.nessus.org
Message-ID:
<752305c00701300458h3f6704c2u526f0e11919c1b5b@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
Check out the .nessusrc file. that has a setting for deciding which ports to
scan. the option you are looking for is called "port_range", which can look
like "default" or "1-65535" or "22-25,80,443" and all points in between
On 1/30/07, Sk8board Kid <sk8boardkid@gmail.com> wrote:
I would like to launch nessus from the command line using my nessus
server on 127.0.0.1 in linux but would like it to skip the
portscanning and use a list of ports that i specify instead.
I thought I could create a kb in
/opt/nessus/var/nessus/users/nessus/kbs/127/0/0/127.0.0.1
with the following content:
1170151262 3 Launched/10180=1
1170151262 3 Launched/10335=1
1170151262 3 Ports/tcp/80=1
1170151262 3 Ports/tcp/443=1
1170151262 3 Host/scanned=1
1170151262 3 Host/scanners/nessus_tcp_scanner=1
drwx------ 2 root root 4096 Jan 30 10:23 .
drwx------ 3 root root 4096 Jan 29 15:04 ..
-rw-r----- 1 root root 193 Jan 30 10:21 127.0.0.1
although the scan seems to work as expected, the kbs file is not
updated with the scans results.
If i remove the file nessus runs from scratch saving it's kb with all the
info.
Is there another way to do get the desired effect?
Thanks
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
--
Doug Nordwall
Unix, Network, and Security Administrator
Noise proves nothing. Often a hen who has merely laid an egg cackles as if
she laid an asteroid. -- Mark Twain
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://mail.nessus.org/pipermail/nessus/attachments/20070130/c21593a9/attachment.htm
------------------------------
Message: 11
Date: Tue, 30 Jan 2007 08:04:39 -0500
From: "Doug Nordwall" <raleel@gmail.com>
Subject: Re: Scanning external-lan computer, no results?
To: "Michele Costantino" <m.costantino@tin.it>
Cc: nessus@list.nessus.org
Message-ID:
<752305c00701300504y3ccf0e8duf0d19e96ac20de03@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
this is because most computers on the internet are protected in some
fashion. Many of them have a firewall in front of them. This will cause your
scan to come back with few or no results.
It is generally considered impolite at the very least to scan someone else's
computer. Most places will consider it an attack. Some will even prosecute.
In some rare cases, it can cause actual harm, including loss of power,
destruction of property, and (one would hope not, but you never know) loss
of life. I have personally flooded (with water) a building with a nessus
scan, and that was against computers I was authorized to scan. It is
extremely important to only run nessus scans against computers you are
authorized to do so.
I would check out some of the documentation available at
http://www.nessus.org/documentation/ particularly the Introduction to nessus
listed on that page.
On 1/30/07, Michele Costantino <m.costantino@tin.it> wrote:
I've tryed a lot of "internet connected" computer (even another pc
connected
via modem to internet), but after some seconds, i get the classic "no
vulnerabilities found"; instead if i scan a local pc (via lan) it tooks
some
time, and i get the correct report.
Any info on why i cannot scan other computers?
Sorry for my english!
PS:
For the question about internet explorer,i've found a solution:
regsvr32 scan.dll
And the error has gone away!
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
--
Doug Nordwall
Unix, Network, and Security Administrator
Noise proves nothing. Often a hen who has merely laid an egg cackles as if
she laid an asteroid. -- Mark Twain
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://mail.nessus.org/pipermail/nessus/attachments/20070130/9fe1ac30/attachment.htm
------------------------------
Message: 12
Date: Tue, 30 Jan 2007 14:33:54 +0000
From: Richard Moore <rich@westpoint.ltd.uk>
Subject: Re: Scanning external-lan computer, no results?
To: Doug Nordwall <raleel@gmail.com>
Cc: nessus@list.nessus.org
Message-ID: <45BF5752.7090304@westpoint.ltd.uk>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Doug Nordwall wrote:
I have personally flooded (with water) a building with a nessus
scan, and that was against computers I was authorized to scan.
I have to ask, how did you manage that? It sounds like there's
a story behind it...
Cheers
Rich.
--
Richard Moore, Principal Software Engineer,
Westpoint Ltd,
Albion Wharf, 19 Albion Street, Manchester, M1 5LN, England
Tel: +44 161 237 1028
Fax: +44 161 237 1031
------------------------------
Message: 13
Date: Tue, 30 Jan 2007 09:37:23 -0500
From: "Doug Nordwall" <raleel@gmail.com>
Subject: Re: Scanning external-lan computer, no results?
To: "Richard Moore" <rich@westpoint.ltd.uk>
Cc: nessus@list.nessus.org
Message-ID:
<752305c00701300637r13237f08y69fff252493eff9d@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
I was waiting for that.
Short of it was, I had permission to scan behind firewalls and these were
very sensitive controllers that go TU when they get scanned. Hit the one on
a boiler, it overflowed, flooded (like, a few inches) a building.
On 1/30/07, Richard Moore <rich@westpoint.ltd.uk> wrote:
Doug Nordwall wrote:
I have personally flooded (with water) a building with a nessus
scan, and that was against computers I was authorized to scan.
I have to ask, how did you manage that? It sounds like there's
a story behind it...
Cheers
Rich.
--
Richard Moore, Principal Software Engineer,
Westpoint Ltd,
Albion Wharf, 19 Albion Street, Manchester, M1 5LN, England
Tel: +44 161 237 1028
Fax: +44 161 237 1031
--
Doug Nordwall
Unix, Network, and Security Administrator
Noise proves nothing. Often a hen who has merely laid an egg cackles as if
she laid an asteroid. -- Mark Twain
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://mail.nessus.org/pipermail/nessus/attachments/20070130/23611788/attachment.htm
------------------------------
Message: 14
Date: Tue, 30 Jan 2007 17:16:02 +0100
From: Javier Fern?ndez-Sanguino <jfernandez@germinus.com>
Subject: Re: Scanning external-lan computer, no results?
To: Doug Nordwall <raleel@gmail.com>
Cc: nessus@list.nessus.org
Message-ID: <45BF6F42.7060906@germinus.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Doug Nordwall dijo:
I was waiting for that.
Short of it was, I had permission to scan behind firewalls and these
were very sensitive controllers that go TU when they get scanned. Hit
the one on a boiler, it overflowed, flooded (like, a few inches) a
building.
A new (funny) version of the "printer keeps printing garbage after a
Nessus scan" problem. Indeed!
Javier
------------------------------
Message: 15
Date: Tue, 30 Jan 2007 11:47:37 -0500
From: "Doug Nordwall" <raleel@gmail.com>
Subject: Re: Scanning external-lan computer, no results?
To: " Javier Fern?ndez-Sanguino " <jfernandez@germinus.com>
Cc: nessus@list.nessus.org
Message-ID:
<752305c00701300847k5932d561w2e4f0548e6c53f0a@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
well, i had a sort of "oh **#@!" moment, then i started laughing. this was
in the same week that a scan took down their peoplesoft servers (don't scan
those!!!! we see why.... people patch already!!!) and a lot of other devices
that really should have been better protected. Needless to say, this
illustrated a need to remove these machines from the network.
Short of it though was that I wanted illustrate how you should not be
randomly scanning boxes ever, because they could come after you with very
high powered lawyers and police and the like, for really good reasons, and
not just "you scanned us".
On 1/30/07, Javier Fernández-Sanguino <jfernandez@germinus.com> wrote:
Doug Nordwall dijo:
I was waiting for that.
Short of it was, I had permission to scan behind firewalls and these
were very sensitive controllers that go TU when they get scanned. Hit
the one on a boiler, it overflowed, flooded (like, a few inches) a
building.
A new (funny) version of the "printer keeps printing garbage after a
Nessus scan" problem. Indeed!
Javier
--
Doug Nordwall
Unix, Network, and Security Administrator
Noise proves nothing. Often a hen who has merely laid an egg cackles as if
she laid an asteroid. -- Mark Twain
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://mail.nessus.org/pipermail/nessus/attachments/20070130/5b3a35aa/attachment.htm
------------------------------
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
End of Nessus Digest, Vol 39, Issue 24
**************************************
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
