On Wed, Jul 05, 2006 at 02:00:13PM -0300, Federico Petronio wrote: > I just created a > Nessus rc file with a couple of rules activated (say 258) in the PLUGIN > section: > > begin(PLUGIN_SET) > <ruleId1> = yes > <ruleId1> = yes > ... > <ruleId258> = yes > end(PLUGIN_SET) > > for the rest of the plugins I just didn’t set anything. ... > When I run Nessus I found that it changes the file adding lots of rules > (10K+). The question is, all that 10K+ rules are needed by dependencies? > do Nessus uses a default configuration (enable/disable) for plugins that > are not explicitly enabled?
The occurs because the server by default will run non-dangerous plugins (or all plugins, if Safe Checks are disabled) not explicitly disabled by a client; it's not a function of script dependencies. > What configuration should I use to make Nessus run all the test I want > (those 258) and all necessary dependencies but not any other plugin? Explicitly disable them in your client. You may want to use one of the third-party update-nessusrc scripts for this: http://www.tifaware.com/perl/update-nessusrc/ http://edgeos.com/downloads/update-nessusrc.tar.gz > BTW, I could not find information about silent_dependencies option, > what's exactly for? This restricts results to only plugins you enabled, not those of any dependencies that were implicitly enabled. George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
