On Thu, 14 Sep 2006, Patrick Derwael wrote:
> Hi list,
> I'm in the process of securing my Nessus scanner.
> Currently, the scanner runs with the default startup options (-D -q),
> which makes it accessible by anyone. I want it to reject any connection
> attempt, except from 2 IPs (adding the -a option).
> The scanner's IP (on a RedHat box) is x.y.z.218, and I'm running NessusWX on
> x.y.z.219.
> When I start the daemon with "nessusd -D -q -a x.y.z.218,x.y.z.219", it
> rejects every connection, including those from x.y.z.218/219.
> Does that mean that -a only accepts one single IP, or am I doing something
> wrong ?????

As Jasper pointed out, the '-a' option configures which IP address
nessusd will listen for connections on. I think what you are looking for
is the nessusd.rules file. Syntax : accept|reject address/netmask
--
- Josh
_______________________________________________
Nessus mailing list
http://mail.nessus.org/mailman/listinfo/nessus