
| Subject: | Re: Nessus Digest, Vol 57, Issue 19 |
|---|---|
| Date: | Thu, 24 Jul 2008 09:48:03 +0700 |
If a policy setting is changed by Nessus Client from NessusClient, is the nessusd.conf set as default from the server also changed? Does the Server or the Client have the privilege to change the configuration file? Thank you.

On 7/24/08, Hendra Winata <hendra.winata.ittelkom@gmail.com> wrote:
@all Is there a possibility that Nessus lost 1 or more ports while scanning the target host? If yes, why, and how does Nessus handle it, or how do we know if Nessus lost them, for example from information in the scan report maybe? Thank you.

On 7/23/08, nessus-request@list.nessus.org <nessus-request@list.nessus.org> wrote:

Send Nessus mailing list submissions to nessus@list.nessus.org

To subscribe or unsubscribe via the World Wide Web, visit http://mail.nessus.org/mailman/listinfo/nessus or, via email, send a message with subject or body 'help' to nessus-request@list.nessus.org

You can reach the person managing the list at nessus-owner@list.nessus.org

When replying, please edit your Subject line so it is more specific than "Re: Contents of Nessus digest..."

Today's Topics:

1. weak ciphers 26928 (Thomas Atkins)
2. Re: weak ciphers 26928 (George A. Theall)
3. Re: weak ciphers 26928 (Marcin Wielgoszewski)
4. RE: DOT-NESSUS FILE (John Scherff)
5. Mac OSX Nessus Question (Simon Taplin)
6. Re: Mac OSX Nessus Question (Ron Gula)
7. Re: Mac OSX Nessus Question (Michel Arboi)
8. Re: DOT-NESSUS FILE (Ron Gula)
9. Re: Mac OSX Nessus Question (Doug Nordwall)
10. RE: Mac OSX Nessus Question (Jason Alexander)

----------------------------------------------------------------------

Message: 1
Date: Tue, 22 Jul 2008 14:37:20 -0400
From: Thomas Atkins <Thomas.Atkins@Sun.COM>
Subject: weak ciphers 26928
To: nessus@list.nessus.org
Message-ID: <488628E0.7060104@Sun.COM>
Content-Type: text/plain; format=flowed; charset=ISO-8859-1

Hi,

Can I get a detailed description of what plugin 26298 does? I've already seen http://www.nessus.org/plugins/index.php?view=viewsrc&id=26928.

Thanks,
Tom

------------------------------

Message: 2
Date: Tue, 22 Jul 2008 15:25:01 -0400
From: "George A. Theall" <theall@tenablesecurity.com>
Subject: Re: weak ciphers 26928
To: nessus@list.nessus.org
Message-ID: <AC2C94E4-95E4-4F56-8463-412EF694CDDE@tenablesecurity.com>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes

On Jul 22, 2008, at 2:37 PM, Thomas Atkins wrote:

> Can I get a detailed description of what plugin 26298 does? I've already seen http://www.nessus.org/plugins/index.php?view=viewsrc&id=26928 .

It takes the results of another plugin (#21643) and reports any SSL cipher suites with key lengths < 56 bits, including those with no encryption support whatsoever.

George
--
theall@tenablesecurity.com

------------------------------

Message: 3
Date: Tue, 22 Jul 2008 15:30:08 -0400
From: "Marcin Wielgoszewski" <marcinw86@gmail.com>
Subject: Re: weak ciphers 26928
To: Thomas.Atkins@sun.com
Cc: nessus@list.nessus.org
Message-ID: <cb63c2fc0807221230m6071d8fbqf2762e97897695a0@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8

It checks the cipher strength. It will report positive if a cipher strength of 56-bit or a null cipher (one that doesn't actually encrypt the transport) is supported.

ssl_supported_ciphers.nasl

```
cat = 0;
NULL_STRENGTH = cat;     labels[cat] = "Null Ciphers (no encryption)";
LOW_STRENGTH = ++cat;    labels[cat] = "Low Strength Ciphers (< 56-bit key)";
MEDIUM_STRENGTH = ++cat; labels[cat] = "Medium Strength Ciphers (>= 56-bit and < 112-bit key)";
HIGH_STRENGTH = ++cat;   labels[cat] = "High Strength Ciphers (>= 112-bit key)";
max_strength = ++cat;    labels[cat] = "Uncategorized Ciphers";
```

Hope this helps,
-Marcin
tssci-security.com

On 7/22/08, Thomas Atkins <Thomas.Atkins@sun.com> wrote:

> Hi,
>
> Can I get a detailed description of what plugin 26298 does? I've already seen http://www.nessus.org/plugins/index.php?view=viewsrc&id=26928.
>
> Thanks,
> Tom

------------------------------

Message: 4
Date: Tue, 22 Jul 2008 14:54:37 -0700
From: "John Scherff" <JScherff@24hourfit.com>
Subject: RE: DOT-NESSUS FILE
To: <nessus@list.nessus.org>
Message-ID: <169658C0C845EC438759DB8B8BC7065417D654B0@NOC-EXCH1.24hourfit.com>
Content-Type: text/plain; charset="us-ascii"

My question: will this continue to be the behavior in the future?

________________________________

From: nessus-bounces@list.nessus.org [mailto:nessus-bounces@list.nessus.org] On Behalf Of John Scherff
Sent: Monday, July 21, 2008 6:12 PM
To: nessus@list.nessus.org
Subject: DOT-NESSUS FILE

Tenable Team,

I was pleasantly surprised to find out that extraneous XML is not stripped out of the dot-nessus file by the scanner. I plan to create a new node called <Directives> (a sibling to <Policies>) and beneath that will be configuration items of my own which will be consumed by post-scan handlers (e.g., scripts that convert and email the scan results). For example:

```xml
<?xml version="1.0"?>
<NessusClientData>
  <Directives>
    <Directive>
      <name>outputFormats</name>
      <value>html;nbe</value>
    </Directive>
    <Directive>
      <name>emailRecipients</name>
      <value>jscherff@24hourfit.com,deraison@nessus.org</value>
    </Directive>
    <Directive>
      <name>attachResults</name>
      <value>no</value>
    </Directive>
    <Directive>
      <name>stripInfos</name>
      <value>yes</value>
    </Directive>
  </Directives>
  <Targets> ... </Targets>
  <Policies>
    <Policy passwordsType="Linux">
      <policyName/>
      <policyComments/>
      ...
</NessusClientData>
```

My question: Is it by accident or design that unused XML is ignored and left untouched by the nessus, and will this continue to be the behavior in the future?

Thanks,

John Scherff
Information Security and Storage Manager
24 Hour Fitness
o: 760-918-4485
c: 760-351-6946
e: jscherff@24hourfit.com

The code of competence is the only system of morality that's on a gold standard. -Ayn Rand

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.nessus.org/pipermail/nessus/attachments/20080722/9bea755f/attachment-0001.html

------------------------------

Message: 5
Date: Tue, 22 Jul 2008 23:14:19 +0200
From: "Simon Taplin" <simon.taplin@gmail.com>
Subject: Mac OSX Nessus Question
To: nessus@list.nessus.org
Message-ID: <e8b04e770807221414u72b3bab7w61f025a2baf0d078@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1

Does Nessus on OS X have the ability to use nmap/nikto/etc from Macports if the paths are correct or is it just the Linux versions?

Simon
--
RSA Cellphone: +27 72 613 0635
USA Cellphone: +1 409 256 7357

------------------------------

Message: 6
Date: Wed, 23 Jul 2008 09:39:16 -0400
From: Ron Gula <rgula@tenablesecurity.com>
Subject: Re: Mac OSX Nessus Question
To: nessus@list.nessus.org
Message-ID: <48873484.4090701@tenablesecurity.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

Simon Taplin wrote:

> Does Nessus on OS X have the ability to use nmap/nikto/etc from Macports if the paths are correct or is it just the Linux versions?

I've not personally configured nmap or nikto on a Mac, but there is nothing that prevents Nessus from calling those tools as long as they are configured in the path.

A good description on how to set up Nessus and Nikto on UNIX (it is not Mac specific) is here:

http://ma75.blogspot.com/2008/05/en-calling-nikto-from-nessus.html

Ron Gula
Tenable Network Security

------------------------------

Message: 7
Date: Wed, 23 Jul 2008 15:44:47 +0200
From: Michel Arboi <mikhail@nessus.org>
Subject: Re: Mac OSX Nessus Question
To: nessus@list.nessus.org
Message-ID: <200807231544.47763.mikhail@nessus.org>
Content-Type: text/plain; charset="iso-8859-1"

On Tuesday 22 July 2008 23:14:19 Simon Taplin wrote:

> Does Nessus on OS X have the ability to use nmap/nikto/etc from Macports if the paths are correct or is it just the Linux versions?

Probably, but calling external commands from Nessus is a source of problems and should be avoided.

http://www.nessus.org/documentation/index.php?doc=nmap-usage

------------------------------

Message: 8
Date: Wed, 23 Jul 2008 09:32:10 -0400
From: Ron Gula <rgula@tenablesecurity.com>
Subject: Re: DOT-NESSUS FILE
To: nessus@list.nessus.org
Message-ID: <488732DA.1020005@tenablesecurity.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

Hi John,

I haven't looked into this nor have I asked anyone at Tenable to look into it. You may be taking advantage of some implementation issues and if an application that processes the .nessus file is expecting to run into the <Targets> element right after the <NessusClientData>, they could have errors.

I don't foresee any coding changes to the Nessus Client that would impact your modifications if you use them locally, but at the same time, we're not adding a QA step that makes sure your modifications aren't broken in the future or modifying the official XSD and file format.

Ron Gula
Tenable Network Security

John Scherff wrote:

> My question: will this continue to be the behavior in the future?
>
> ________________________________
>
> From: nessus-bounces@list.nessus.org [mailto:nessus-bounces@list.nessus.org] On Behalf Of John Scherff
> Sent: Monday, July 21, 2008 6:12 PM
> To: nessus@list.nessus.org
> Subject: DOT-NESSUS FILE
>
> Tenable Team,
>
> I was pleasantly surprised to find out that extraneous XML is not stripped out of the dot-nessus file by the scanner. I plan to create a new node called <Directives> (a sibling to <Policies>) and beneath that will be configuration items of my own which will be consumed by post-scan handlers (e.g., scripts that convert and email the scan results). For example:
>
> ```xml
> <?xml version="1.0"?>
> <NessusClientData>
>   <Directives>
>     <Directive>
>       <name>outputFormats</name>
>       <value>html;nbe</value>
>     </Directive>
>     <Directive>
>       <name>emailRecipients</name>
>       <value>jscherff@24hourfit.com,deraison@nessus.org</value>
>     </Directive>
>     <Directive>
>       <name>attachResults</name>
>       <value>no</value>
>     </Directive>
>     <Directive>
>       <name>stripInfos</name>
>       <value>yes</value>
>     </Directive>
>   </Directives>
>   <Targets> ... </Targets>
>   <Policies>
>     <Policy passwordsType="Linux">
>       <policyName/>
>       <policyComments/>
>       ...
> </NessusClientData>
> ```
>
> My question: Is it by accident or design that unused XML is ignored and left untouched by the nessus, and will this continue to be the behavior in the future?
>
> Thanks,
>
> John Scherff
> Information Security and Storage Manager
> 24 Hour Fitness
> o: 760-918-4485
> c: 760-351-6946
> e: jscherff@24hourfit.com
>
> The code of competence is the only system of morality that's on a gold standard. -Ayn Rand

------------------------------

Message: 9
Date: Wed, 23 Jul 2008 10:10:17 -0400
From: Doug Nordwall <raleel@gmail.com>
Subject: Re: Mac OSX Nessus Question
To: Ron Gula <rgula@tenablesecurity.com>
Cc: "nessus@list.nessus.org" <nessus@list.nessus.org>
Message-ID: <278875B2-AF5F-4A2E-8D15-69FAA0994192@gmail.com>
Content-Type: text/plain; charset=us-ascii; format=flowed

I'll give it a try later today.

Sent from my iPhone

On Jul 23, 2008, at 9:39 AM, Ron Gula <rgula@tenablesecurity.com> wrote:

> Simon Taplin wrote:
>
> > Does Nessus on OS X have the ability to use nmap/nikto/etc from Macports if the paths are correct or is it just the Linux versions?
>
> I've not personally configured nmap or nikto on a Mac, but there is nothing that prevents Nessus from calling those tools as long as they are configured in the path.
>
> A good description on how to set up Nessus and Nikto on UNIX (it is not Mac specific) is here:
>
> http://ma75.blogspot.com/2008/05/en-calling-nikto-from-nessus.html
>
> Ron Gula
> Tenable Network Security
> _______________________________________________
> Nessus mailing list
> Nessus@list.nessus.org
> http://mail.nessus.org/mailman/listinfo/nessus

------------------------------

Message: 10
Date: Wed, 23 Jul 2008 14:55:43 +0100
From: Jason Alexander <jalexander@plus.net>
Subject: RE: Mac OSX Nessus Question
To: nessus@list.nessus.org
Message-ID: <0K4G004WYPN6WJ30@calendar.plus.net>
Content-Type: TEXT/PLAIN; CHARSET=US-ASCII

Looking for a good web front end for nessus that can handle multiple scanners and automate scans...

Looked at inprotect but it has too many bugs and doesn't look to be maintained any more.

Does anyone have any good suggestions? Even commercial options would be considered

ta

-----Original Message-----
From: nessus-bounces@list.nessus.org [mailto:nessus-bounces@list.nessus.org] On Behalf Of Simon Taplin
Sent: 22 July 2008 22:14
To: nessus@list.nessus.org
Subject: Mac OSX Nessus Question

> Does Nessus on OS X have the ability to use nmap/nikto/etc from Macports if the paths are correct or is it just the Linux versions?
>
> Simon
> --
> RSA Cellphone: +27 72 613 0635
> USA Cellphone: +1 409 256 7357
> _______________________________________________
> Nessus mailing list
> Nessus@list.nessus.org
> http://mail.nessus.org/mailman/listinfo/nessus

------------------------------

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

End of Nessus Digest, Vol 57, Issue 19
**************************************
_______________________________________________ Nessus mailing list Nessus@list.nessus.org http://mail.nessus.org/mailman/listinfo/nessus
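A post-scan handler of the kind described in the DOT-NESSUS FILE messages, written so that it finds `<Directives>` by name instead of by position and falls back to defaults if another tool has dropped the node. This is an added example, not code from the thread or from Tenable; the function name, the default values and the placeholder addresses are assumptions, while the directive names, the `;` and `,` separators and the `yes`/`no` values follow the XML posted in the digest.

```python
import xml.etree.ElementTree as ET

# Constructed sample modelled on the fragment in the thread; the parts elided
# there ("...") are left empty and the e-mail addresses are placeholders.
SAMPLE = """<?xml version="1.0"?>
<NessusClientData>
  <Directives>
    <Directive><name>outputFormats</name><value>html;nbe</value></Directive>
    <Directive><name>emailRecipients</name><value>a@example.com,b@example.com</value></Directive>
    <Directive><name>attachResults</name><value>no</value></Directive>
    <Directive><name>stripInfos</name><value>yes</value></Directive>
  </Directives>
  <Targets/>
  <Policies><Policy passwordsType="Linux"><policyName/><policyComments/></Policy></Policies>
</NessusClientData>"""

LIST_SEPARATORS = {"outputFormats": ";", "emailRecipients": ","}
BOOLEAN_KEYS = ("attachResults", "stripInfos")


def read_directives(xml_text):
    """Return post-scan handler settings from <Directives>, wherever it sits."""
    # A .nessus file needs no DTD; refusing one avoids entity-expansion tricks.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD or entity declaration in .nessus input")
    root = ET.fromstring(xml_text)
    if root.tag != "NessusClientData":
        raise ValueError("unexpected root element <%s>" % root.tag)
    # Hypothetical defaults, used when a tool has dropped the custom node.
    settings = {"outputFormats": ["nbe"], "emailRecipients": [],
                "attachResults": False, "stripInfos": False}
    node = root.find("Directives")  # found by name, not by position
    if node is None:
        return settings
    for directive in node.findall("Directive"):
        name = (directive.findtext("name") or "").strip()
        value = (directive.findtext("value") or "").strip()
        if name in LIST_SEPARATORS:
            parts = value.split(LIST_SEPARATORS[name])
            settings[name] = [p.strip() for p in parts if p.strip()]
        elif name in BOOLEAN_KEYS:
            if value not in ("yes", "no"):
                raise ValueError("%s must be yes or no, got %r" % (name, value))
            settings[name] = value == "yes"
        # Any other directive name is ignored rather than acted upon.
    return settings
```
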
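The key-length categories quoted from ssl_supported_ciphers.nasl in the "weak ciphers 26928" replies, applied to a cipher listing so the boundaries are visible: under those labels a 40-bit export suite is low strength and a 56-bit suite lands in the medium category. This is an added example, not the plugin's code; the input is a constructed sample in the column layout of `openssl ciphers -v`, and treating the null and low categories as the reported set is an assumption based on George Theall's description.

```python
import re

# Category labels as quoted from ssl_supported_ciphers.nasl in the thread.
NULL = "Null Ciphers (no encryption)"
LOW = "Low Strength Ciphers (< 56-bit key)"
MEDIUM = "Medium Strength Ciphers (>= 56-bit and < 112-bit key)"
HIGH = "High Strength Ciphers (>= 112-bit key)"
UNCATEGORIZED = "Uncategorized Ciphers"

# Constructed sample in the column layout printed by `openssl ciphers -v`.
SAMPLE = """\
AES256-SHA    SSLv3 Kx=RSA      Au=RSA Enc=AES(256)  Mac=SHA1
DES-CBC3-SHA  SSLv3 Kx=RSA      Au=RSA Enc=3DES(168) Mac=SHA1
DES-CBC-SHA   SSLv3 Kx=RSA      Au=RSA Enc=DES(56)   Mac=SHA1
EXP-RC4-MD5   SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40)   Mac=MD5  export
NULL-SHA      SSLv3 Kx=RSA      Au=RSA Enc=None      Mac=SHA1
"""

# Enc=<algorithm>(<key bits>); the bit count is absent for Enc=None.
ENC_FIELD = re.compile(r"\bEnc=([^\s(]+)(?:\((\d+)\))?")


def categorize(line):
    """Map one listing line to a label using the key-length bounds above."""
    match = ENC_FIELD.search(line)
    if match is None:
        return UNCATEGORIZED
    algorithm, bits = match.group(1), match.group(2)
    if algorithm.lower() == "none":
        return NULL
    if bits is None:
        return UNCATEGORIZED
    bits = int(bits)
    if bits < 56:
        return LOW
    return MEDIUM if bits < 112 else HIGH


def weak_suites(listing):
    """Names of suites in the null and low categories (assumed report set)."""
    weak = []
    for line in listing.splitlines():
        if line.strip() and categorize(line) in (NULL, LOW):
            weak.append(line.split()[0])
    return weak


if __name__ == "__main__":
    for row in SAMPLE.splitlines():
        print(row.split()[0], "->", categorize(row))
```
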