On Thu, 3 Jun 2004, Mark Fagan wrote:

> I am looking for some help regarding centralised plugin updates. I have a site
> with over 15 nessus hosts which cannot have Internet access due to security
> policy restrictions.
> [snip]
>
> I have a central computer which is "allowed" Internet access, the current role
> of this machine is to pull the latest snort rules each day and distribute them
> VIA SCP to each of the remote sensors.
>
> I would like to have a similar setup for the Nessus plugins.

Hi Mark. What you are looking for would be pretty simple. The update-nessus-plugins script (comes with Nessus) is just a shell script to (basically) 'wget' a tarball of plugins from the Nessus web site, untar them in /usr/local/lib/nessus/plugins/, then HUP the Nessus daemon.

On all of your internal-only boxes, you can edit /usr/local/sbin/update-nessus-plugins and change the line:

    location="http://www.nessus.org/nasl/all-2.0.tar.gz"

...to a centralized server (obviously needs to be running HTTP) with the recent Nessus plugins tarball.

If your centralized server is not running HTTP, you can just roll your own nessus-update-plugins script to do the download via SCP (or whatever). It is actually a pretty simple process.

~Jay

--
..
..  Jay Jacobson
..  Edgeos, Inc. - 480.961.5996 - http://www.edgeos.com
..
..  Network Security Auditing and
..  Vulnerability Assessment Managed Services
..

_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus
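
A sketch of the install half of a roll-your-own updater like the one described in the reply above, as an added example that is not part of the original message or the script shipped with Nessus. It goes beyond the post by checking the tarball before unpacking it; the SHA-256 digest published by the central server, the function names and the return codes are assumptions.

```shell
#!/bin/sh
# Added example: install a plugin tarball that was copied from an internal
# mirror. Assumptions (not from the original post): the central host
# publishes a SHA-256 digest for the tarball, and sha256sum, awk, grep and
# tar are available on the scanner.

# verify_tarball TARBALL EXPECTED_SHA256 -> 0 only if the digest matches
verify_tarball() {
    actual=$(sha256sum "$1" | awk '{print $1}') || return 1
    [ "$actual" = "$2" ]
}

# has_unsafe_path: reads member names on stdin, returns 0 if any name is
# absolute or has a ".." path component (would escape the plugin directory)
has_unsafe_path() {
    grep -Eq '^/|(^|/)\.\.(/|$)'
}

# install_plugins TARBALL EXPECTED_SHA256 PLUGIN_DIR
# Returns: 0 installed, 2 digest mismatch, 3 unsafe member, 4 extract failed
install_plugins() {
    verify_tarball "$1" "$2" || return 2
    if tar -tzf "$1" | has_unsafe_path; then
        return 3
    fi
    mkdir -p "$3" && tar -xzf "$1" -C "$3" || return 4
    return 0
}

# reload_nessusd: HUP the daemon so it rereads the plugins, as the stock
# updater does. Using pkill and the process name "nessusd" is an assumption.
reload_nessusd() {
    pkill -HUP -x nessusd
}
```

On a scanner, a wrapper would fetch the tarball and its digest from the central host, call install_plugins with the plugin directory named in the reply, and call reload_nessusd only when it returns 0.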
