Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Restore/Extract from Knowledge Base

from [Joe Mondloch] Network Security [Permanent Link]
Subject: Restore/Extract from Knowledge Base
Date: Fri, 16 Nov 2007 12:28:42 -0600 
Hi,

I have a large scan that was terminated shortly before it would normally
have completed. I'm hoping to somehow extract the data stored in the KBS
to assemble a usable NBE.

I've modified my nessusrc as follows:

kb_restore = yes
save_knowledge_base = yes
only_test_hosts_whose_kb_we_dont_have = no
only_test_hosts_whose_kb_we_have = yes
kb_dont_replay_scanners = yes
kb_dont_replay_info_gathering = yes
kb_dont_replay_attacks = yes
kb_dont_replay_denials = yes
kb_max_age = 864000

I then kick of the scan again using the modified nessusrc file.
Unfortunately, when it completes the only results present for each host
are from check_ports.nasl (i.e. "The following ports were open at the
beginning of the scan but are now closed:").

Why is check_ports not just relying on the KBS? I'm no longer on the
test network, so if it actually tries to check a host's status it is
obviously not going to work.

Any suggestions on how to get this data into a usable form would be
greatly appreciated.

Thanks,
Joe

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Restore/Extract from Knowledge Base, Joe Mondloch <=
Previous by Date:  Re: compliance_check.nbin update, Doug Nordwall
Next by Date:  Re: HTTP Authentication, George A. Theall
Previous by Thread:  Scanning Virtual Servers, Todd Adamson
Next by Thread:  Freaky output from scanning a NAT pool, Wozny, Scott \(US - New York\)
Indexes:  [Date] [Thread] [Top] [All Lists]