Michel Arboi wrote:
On Thu Aug 12 2004 at 10:20, Jay Jacobson wrote:
With the new Nikto and Nmap NASL implementations added yesterday, how does
that affect the existing .nes implementations? If I have a .nessusrc file
with both #10336 (Nmap .nes) and #14259 (Nmap NASL) set to "yes" will it
run Nmap twice during the scan?
It will. Eventually, the .NES scanners will be removed, but we cannot
do this immediately, as the new NASL scanners will not run without the
latest bugfix in libnasl.
First, we could disable the .NES if NASL_LEVEL is high enough (when
the scripts are signed)
It would be really nice, given that we know that we are duplicating
functionality, and duplicating operations that take a LONG time to run,
if there was some automatic way making the transition to the NASL based
equivalents of .NES scripts a seamless one.
Which brings me to a slightly different pet peeve: It's a pain
in the backside to see preference parameters operate on the
basis of an English text string. For example, if you want
to tell Nessus to tell nmap to scan 60 ports in parallel, you
would send
Nmap[entry]:Ports scanned in parallel (max) <|> 60
to the daemon. The problem is that these preference descriptions are
subject to change (and have changed). Which forces every client
that preconfigures preferences to change everytime a preference string
is changed. A perfect example is the new Nasl wrapper, afaik. Because
the name of the script has changed, the name of the preference
has now changed, requiring a client to send:
Nmap (NASL wrapper)[entry]:Ports scanned in parallel (max) <|> 60
Preference descriptions are subject to change, and ideally should be
abstracted out one level.
Question: will this break any configurations for folks using stock
nessus clients?
Another problem is anyone trying to build a client that operates
in a different language. In that case, the preference descriptions
cannot be displayed to a user directly, and must be mapped to
the corresponding foreign language counterpart. But this mapping
will not be reliable if the basis for a mapping is a descriptive
text string that keeps changing.
Thomas
_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus
