Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: HTML and Graphs

from [Corne Kotze] Network Security [Permanent Link]
Subject: Re: HTML and Graphs
Date: Wed, 26 Mar 2008 10:49:19 +0200 
ïHi all,

This could have been posted before, but I have not been able to follow
all the posts.

This is my current setup:
# /opt/nessus/bin/nessus -v
nessus (Nessus) 3.2.0 for Linux
(C) 1998 - 2008 Tenable Network Security, Inc.
SSL used for client - server communication

Running the command:
# /opt/nessus/bin/nessus -q localhost 1241 user password /targets.txt -T
"html_graph" .
I get the following response:
'html_graph' is not a valid report type

It works 100% with the switch  -T "html"

I make use of the back-end as Nessus is installed on Linux with no X or
GUI:
And the server is behind a firewall at the branch, with no option to
open the ports
CentOS release 4.3 (Final)
Linux 2.6.9-34.EL


But on the flip side, I manage to connect to the Nessus server from my
Linux desktop via a tunnel:
ssh -L 2482:<Nessus IP>:1241 root@<firewall IP>

I did try it, then connecting from my client to localhost on port 1241,
it does the scan, as I can see the processes running on the Nessus
server.
But, the report does not look remotely the same as the back-end scan.
For example, with the client scan via the tunnel, one machine will show
maybe 2 or 3 warnings.
The report from the back-end scan will show maybe 10 warnings for that
same machine as well as critical problems.

Questions are, can the back-end scan support "html_graph" ?

Can a client scan via a tunnel be effective with true results?
Or is there something wrong with my tunnel or setup?


Thank you



-  
 

Regards,

Corne Kotze
Managed Services Support Engineer
SYNAQ (Pty) Ltd
Tel: 011 262 3632 OR 0860 0 SYNAQ
Web: http://www.synaq.com


-----Original Message-----
From: Renaud Deraison (lists) <deraison-lists@nessus.org>
To: Nessus list <nessus@list.nessus.org>
Subject: Re: HTML and Graphs
Date: Wed, 26 Mar 2008 09:17:54 +0100

Renaud

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Host identification b/w workstation and server( or internet facing system), Chak Kevin
Next by Date:  Re: HTML and Graphs, Renaud Deraison (lists)
Previous by Thread:  Re: HTML and Graphs, Renaud Deraison (lists)
Next by Thread:  Re: HTML and Graphs, Renaud Deraison (lists)
Indexes:  [Date] [Thread] [Top] [All Lists]