Another option for this is to just manipulate the OS's routing table on the Nessus server. If, for example, you have 10.1.2.0/24 routed out eth3 (Linux: 'route add -net 10.1.2.0 netmask 255.255.255.0 eth3'), then Nessus (like any other process on the box) will send all packets for 10.1.2.0/24 to eth3.
~Jay
On Wed, 15 Sep 2004, Oscar Francisco Castaneda Villagran wrote:
man nessusd
-S <ip[,ip2,...]>, --src-ip=<ip[,ip2,...]> Force the source IP of the connections established by Nessus to <ip> checks need to fully establish a connection to the remote host. This option is only useful if you have a multi-homed machine with multiple public IP addresses that you would like to use instead of the default one. Example : nessusd -S 192.168.1.1,192.168.1.2,192.168.1.3,192.168.1.4 will make nes-susd establish connections with a source IP of one among those listed above. For this setup to work, the host running nessusd should have multiple NICs with these IP addresses set.
I found this on the nessusd manpage for Nessus 2.0.10 for FreeBSD, I couldn't find this option on the manpage in the Nessus website, guess it's an outdated copy... Well, this should help you with what you want to accomplish.
-oscar
Ok, I should have clarified my question a little better. Sorry...
When nessus is performing a scan, how do I specify which interface to perform the scan from. I am not too concerned about which interface nessus is serving client requests from (although I need to specify this due to security reasons).
Thanks for your help guys, sorry for the lack of clarity.
-Wendell
On Wed, 2004-09-15 at 12:13, Steve Loughran wrote:addressman nessusd
-a <address>, --listen=<address> Tell the server to only listen to connections on themake<address> which is an IP, not a machine name. For instance, "nessusd -a 192.168.1.1" willrunningnessusd only listen to requests going to 192.168.1.1 This option is useful if you arenessusd on a gateway and if you don't want people on the outside to connect to your nessusd.
(Note: this isnt an up to date nessus install, so options may have changed... yes, yes, slag me off later.. :)
Steve
----- Original Message ----- From: "Wendell Smith" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, September 15, 2004 4:45 PM Subject: Binding nessus to a specific interface?
Hey all,
How would I tell nessus to bind to a specific interface? I don't see a configuration parameter or runtime switch that empowers me with the ability to do this.
Thanks,
Wendell
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus-- Wendell Smith Systems Admin CastleBranch Inc. 910-815-3880 Ext 7154
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
---------------------------------------------------------------- Servicio de correo - Universidad Galileo - Guatemala
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
-- .. .. Jay Jacobson .. Edgeos, Inc. - 480.961.5996 - http://www.edgeos.com .. .. Network Security Auditing and .. Vulnerability Assessment Managed Services ..
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
