On Tue, Feb 15, 2005 at 10:18:48PM -0500, Shane Presley wrote: > Good point. We do output them into NSR then convert them to HTML. > But the command I use just converts the entire NSR. Are there built > in nessus ways to filter for only port 80/443 vulnverabilities when > you create the HTML report, or are you talking about a custom script?
You'd need to write a filter, but it's pretty simple. For example, with
NBE output, the port is in the fourth field (fields are separated by
'|'. So I could extract results for just ports 80 and 443 with this awk
script:
awk -F'|' '$1 == "timestamps" || ($1 == "results" && $4 ~
"[^0-9](80|443)[^0-9]")'
[In the regular expression, "[^0-9]" ensures the matches are exact
rather than something like 10080 or 4431.]
NSR is similar to NBE except that it holds just results and is missing
the first two fields in those lines; thus, you should filter on the 2nd
field rather than the fourth.
By the way, the nessus GUI claims NSR is deprecated. I don't know how
true that is, but you might want to start shifting over to NBE.
George
--
[EMAIL PROTECTED]
pgpTWHG7nMbC0.pgp
Description: PGP signature
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
