On Fri, 7 Feb 2003, Jim Cervantes wrote: > I believe the point here is that this type of information could be passed by > the server back to the client where the client could do whatever may be > desired, report generation being one example. Presumably this would require > changes in plugins and the plugin environment, NTP (client/server protocol), > and of course with clients that consume the new data (perhaps NTP is well > enough designed to allow an extension without upsetting existing clients). > Renaud did an excellent job at making the Nessus code very robust. If the client receives a message that it does not understand, it is ignored. Therefore, the small extensions made to the server will still allow older clients to connect to it, and vice versa.
This involves NO changes to either the plugin nor the plugin-environment. The information exists on the server-side, it is just never passed to the client. A sample of what I'm doing with the Nessus reports can be found at: http://www.rit.edu/~wjh3710/pub/testing.html This report can also perform verbose plugin reporting. For every test scheduled to run, it will tell you the plugin name, number, and whether the plugin found a vulnerability, ran successfully, or didn't run because one of it's dependencies was not satisfied. > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]] > > Sent: Friday, February 07, 2003 7:08 PM > > To: Jim Cervantes; Norbert Kiesel; William Heinbockel > > Cc: Nessus List > > Subject: RE: How do I know which attacks were run? > > > > > > Hi: > > Would this information be in addition to the nessusd logs. > > <snip>Older e-mails cut</snip> > ---------------------- William Heinbockel Information Security Incident Response Assistant Co-op Risk & Safety Management Rochester Institute of Technology E-mail: [EMAIL PROTECTED]
