On Fri, May 26, 2006 at 04:17:08PM -0500, Doty, Timothy T. wrote: > I need to exclude a list of systems as being valid targets. They should > never be scanned (they're tarpits). I found the following when searching for > how to configure nessus for this. The only problem is nessus wipes the > configuration every time it is run. Is this dated? Or am I missing > something? I'm using nessus 3.0.2 and scanning with the commandline client > in batch. ... >> Assuming you want to exclude, say, 192.168.1.3 and 192.168.1.123 from >> testing, you'd edit /usr/local/etc/nessus/nessusd.rules [*] and write in > it : >> deny 192.168.1.3 >> deny 192.168.1.123 >> default accept >> >> [*] Or /usr/local/var/nessus/users/<yourlogin>/rules or >> ~/.nessusrc in the "RULES" section
The first two approaches are done on the server side and hence unaffected by updates made to the client config. If you'd rather use a client-side approach, though, why don't you consider adding a section to your batch process to include the necessary rules in the config file each time? George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
