My point was: If I run NESSUS server on the same server as the one to be tested (against external attacks), the same server that ensures the connection from the internal network to the external world (www) and which is protected by a firewall, any packet sent by NESSUS for the purpose of the checking has a great chance of being stopped by the firewall on either side: IN and/or OUT - In this environment, in my understanding NESSUS cannot do its job correctly - This is why I was thinking that nessusd HAD to run on a separate machine, completely outside of my network (e.g. another internet connection for another linux box which won't have a firewall at all for the duration of the testing [e.g. a "crash test machine" as this poor thing won't be protected by any firewall out there]).
Basically my understanding problem is the following: How can I pretend to "attack" myself from the outside when nessusd is running on the server INSIDE the firewall (note that some iptables rules might not only stop packets from getting inside the internal network, but also stop packets willing to go out)?

Thanks for any clarification on my lack of understanding

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Renaud Deraison
Sent: Thursday, August 29, 2002 12:49 PM
To: [EMAIL PROTECTED]
Subject: Re: == Checkin security of the inside but I am not outside bla, bla, bla ... ==

On Thu, Aug 29, 2002 at 12:48:54PM +0200, Jerome Iffrig wrote:

> I would like to do it as if I was someone from the outside - However I
> have installed NESSUS on the server machine which runs the firewall - As
> far as I understand Nessus cannot operate properly in this environment.

It will operate properly, although it will see more things than what are actually available (if your firewall blocks all incoming connections but you still run a vulnerable lpd or whatever, Nessus will see that although an attacker would not).

> So, what is the recommended approach for the tests I want to do?

Test it and upgrade everything anyway, even if not available from the outside. If you can't break into that host from the inside, odds are that it will be difficult to do from the outside.

--
Renaud

-
[EMAIL PROTECTED]: general discussions about Nessus.
* To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
