On 13 Feb 2002, Michel Arboi wrote:

> No. He said he was running Nessus 1.1.x, and the connection is always
> enciphered with SSL.
> A way to do it would be to configure Nessus without the SSL layer, or
> run the latest CVS version and set "ssl_version=no" in nessusd.conf

I also have a box (Mac OS X) running 1.1.12. I *do* have SSL enabled on nessusd. However, to be able to telnet to the nessusd server @ 1241/3001, I had to comment out the force_pubkey_auth line in /usr/local/etc/nessus/nessusd.conf. I also added the file "password" in /usr/local/var/nessus/users/TESTUSERNAME/auth/ containing the plain text password. Additionally, when I added the TESTUSERNAME user (nessus-adduser), I specified the auth type as plaintext.

The setup for a 1.0 series server was similar, although slightly less involved. I sent a message to this list last week outlining the process for a 1.0 series server.

I certainly recognize that all of the above is far from ideal with security in mind. Ideally I can get some patches to make the script work with keys (1.0) and certs (1.1).

> If there is a SSL library for Python, you should try to use it.

I'm sure there is an SSL library for Python. I may give it a shot. However, as I stated before, I am not a coder. I don't even play one on TV. :) This script is my first attempt at anything other than simple Bash scripts. No excuses implied - just that I'm learning Python (and Nessus internals) as I go, so don't expect any miracles from my (lack of) coding ability. :)

I really do appreciate the feedback though and would gladly accept any patches to the script.

--
~Jay
