On Wed, Apr 07, 2004 at 02:21:54PM -0400, [EMAIL PROTECTED] wrote:
> Thanks for all info. I'm testing sd2nbe now.
I pointed you to the web page because it has some sample scripts for
processing NBE output, not for sd2nbe itself. You probably don't even
want sd2nbe, just the scripts.
> Another question: How can I save reports in html_graph format when using
> Windows Nessus client?
NessusWX doesn't support that format directly. You can, however, export
results as NSR and then use the unix-based nessus client to convert that
to html_graph output, NBE output, or anything else that the nessus
client supports.
> 1.) Is there a way I can sort report by OS? Like UNIX (AIX, Solaris, RH,
> etc.), Windows, etc.
Let's suppose you use plugin 11936 (os_fingerprint.nasl) to report OS
version and have saved results in NBE format as results.nbe. This
script lets you generate reports for a couple OS breakdowns:

    awk -F'|' '$1 == "results" && $5 == "11936" && $7 ~ /MacOS/ \
        {print "|" $3 "|"}' results.nbe > hosts.mac
    awk -F'|' '$1 == "results" && $5 == "11936" && $7 ~ /Windows/ \
        {print "|" $3 "|"}' results.nbe > hosts.win
    awk -F'|' '$1 == "results" && $5 == "11936" && $7 ~ /AIX|Linux|Solaris/ \
        {print "|" $3 "|"}' results.nbe > hosts.unix
    for os in mac win unix; do
        fgrep -f hosts.$os results.nbe > $os.nbe
        nessus -i $os.nbe -o $os.html
        rm $os.nbe
    done

This will generate HTML reports for the OSes of interest; e.g., mac.html,
win.html, and unix.html. Note: you probably don't want to use this
as-is since (1) it ignores hosts running unmatched OSes and (2) the
breakdowns aren't complete.
> 2.) Is there a way to print within a header not only the IP or the node
> name but also the OS type?
Well, I don't know how robust this is, but it seems that the hostname
field in the NBE output doesn't have to be just a hostname, at least in
Nessus 2.0.10a. Given that, let's say you have a file named 'hosts'
with three fields separated by "|": hostname, IP, and OS. Now, use an
AWK script to filter the NBE results, modifying the hostname field, and
then pass the output to nessus.

    awk -F'|' '
      BEGIN {
        OFS = "|"
      }
      # Lines from the hosts file: hostname|IP|OS
      FILENAME == "hosts" && NF == 3 {
        map[$1] = $1 " (" $2 ") - " $3
      }
      # NBE lines: rewrite the hostname field when the host is in the map
      FILENAME != "hosts" && ($1 == "results" || $1 == "timestamps") {
        if ($3 in map) $3 = map[$3]
      }
      FILENAME != "hosts" {
        print
      }
    ' hosts results.nbe > alt_results.nbe
    nessus -i alt_results.nbe -o results.html

George
--
[EMAIL PROTECTED]
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
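
Added example, not part of the original message: a single two-pass awk split of an NBE file by OS family that also addresses caveat (1) from the first answer by collecting hosts with an unmatched or missing plugin 11936 result into an "other" bucket. The function names, the output file layout and the sample lines are assumptions constructed for illustration; the OS patterns are the ones used in the message.

```shell
#!/bin/sh
# split_nbe_by_os RESULTS.nbe OUTDIR
# Writes OUTDIR/{mac,win,unix,other}.nbe (only buckets that have hosts).
split_nbe_by_os() {
    nbe=$1
    outdir=$2
    mkdir -p "$outdir" || return 1
    # Drop stale buckets so an empty family does not keep old data.
    rm -f "$outdir/mac.nbe" "$outdir/win.nbe" "$outdir/unix.nbe" "$outdir/other.nbe"
    # The file is read twice: pass 1 maps host -> family from plugin
    # 11936, pass 2 routes every line that carries a host in field 3.
    awk -F'|' -v dir="$outdir" '
    function family(desc) {
        if (desc ~ /MacOS/)             return "mac"
        if (desc ~ /Windows/)           return "win"
        if (desc ~ /AIX|Linux|Solaris/) return "unix"
        return "other"                  # fingerprinted, but no pattern matched
    }
    NR == FNR {
        if ($1 == "results" && $5 == "11936") fam[$3] = family($7)
        next
    }
    ($1 == "results" || $1 == "timestamps") && $3 != "" {
        f = ($3 in fam) ? fam[$3] : "other"   # no 11936 result at all
        print > (dir "/" f ".nbe")
    }
    ' "$nbe" "$nbe"
}

# Constructed sample NBE lines (not real scan output).
sample_nbe() {
    cat <<'EOF'
timestamps|||scan_start|Wed Apr  7 10:00:00 2004|
results|192.168.1|192.168.1.10|http (80/tcp)|10107|Security Note|web server banner
results|192.168.1|192.168.1.10|general/tcp|11936|Security Note|Remote OS guess : Windows 2000
timestamps||192.168.1.10|host_start|Wed Apr  7 10:00:05 2004|
results|192.168.1|192.168.1.20|general/tcp|11936|Security Note|Remote OS guess : Solaris 8
results|192.168.1|192.168.1.30|general/tcp|11936|Security Note|Remote OS guess : OpenBSD 3.4
results|192.168.1|192.168.1.40|ssh (22/tcp)|10267|Security Note|ssh banner
EOF
}

# Run as: sh split.sh results.nbe outdir
if [ "$#" -eq 2 ]; then split_nbe_by_os "$1" "$2"; fi
```

Each resulting file can then be passed to `nessus -i` as in the loop above; scan-wide timestamp lines with an empty host field are left out, as they are with the fgrep approach.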
