Hello George, Putting it in a server config does make more sense as we never want to scan those addresses.
Thanks! Tim Doty -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of George A. Theall Sent: Friday, May 26, 2006 7:12 PM To: [email protected] Subject: Re: Configuration file "resets" On Fri, May 26, 2006 at 04:17:08PM -0500, Doty, Timothy T. wrote: > I need to exclude a list of systems as being valid targets. They > should never be scanned (they're tarpits). I found the following when > searching for how to configure nessus for this. The only problem is > nessus wipes the configuration every time it is run. Is this dated? Or > am I missing something? I'm using nessus 3.0.2 and scanning with the > commandline client in batch. ... >> Assuming you want to exclude, say, 192.168.1.3 and 192.168.1.123 from >> testing, you'd edit /usr/local/etc/nessus/nessusd.rules [*] and write >> in > it : >> deny 192.168.1.3 >> deny 192.168.1.123 >> default accept >> >> [*] Or /usr/local/var/nessus/users/<yourlogin>/rules or >> ~/.nessusrc in the "RULES" section The first two approaches are done on the server side and hence unaffected by updates made to the client config. If you'd rather use a client-side approach, though, why don't you consider adding a section to your batch process to include the necessary rules in the config file each time? George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
