With all this talk about cli interfaces, figured id post my questions/concerns. I'm writing (as many others are) a web gui to help me facilitate my scans/reporting.
I am having a bitch of a time with the .nessusrc file and understanding it (is there any documentation direclty related to .nessusrc?) . Scanner Set section in particular is whats confused me. What does it do? begin(SCANNER_SET) 10180 = yes 10277 = no 10278 = no 10331 = no 10335 = no 10841 = no 10336 = yes end(SCANNER_SET) Also, if I understand correctly begin(PLUGIN_SET) is either a yes or no for each plugin which can only be updated automagically by the GUI. If so, has anyone written a script to perhaps update .nessusrc plugins selection w/o using the GUI? Something that scans the plugins dir, gets the new plugins dowloaded, sees if it's classified as DoS, etc. and make a decision and include it based on that? Or even better a PHP script to edit the .nessusrc? Robert Timko, CISSP
