For your box, look at using iptables. Set up a simple rule to allow the hosts/networks you want to connect and allow the rest to drop through to the (hopefully already existing) deny all.
Syntax is pretty straightforward and if you run it from the command line it will not survive reboots, so you can "undo" your changes. Also look at iptables-save and iptables-restore to preserve your existing state.

Later,
Jim

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Patrick Derwael
> Sent: Thursday, September 14, 2006 4:05 AM
> To: [email protected]
> Subject: Securing nessusd
>
> Hi list,
>
> I'm in the process of securing my Nessus scanner.
> Currently, the scanner runs with the default startup options (-D -q), which makes it accessible by anyone. I want it to reject any connection attempt, except from 2 IPs (adding the -a option).
>
> The scanner's IP (on a RedHat box) is x.y.z.218, and I'm running NessusWX on x.y.z.219. When I start the daemon with "nessusd -D -q -a x.y.z.218,x.y.z.219", it rejects every connection, including those from x.y.z.218/219.
>
> Does that mean that -a only accepts one single IP, or am I doing something wrong ?????
>
> --
> Web and Co
> Patrick Derwael
> Rue Hubert Larock, 20
> 4280 Hannut
> email: [EMAIL PROTECTED]
> http://www.webandco.be
>
> _______________________________________________
> Nessus mailing list
> [email protected]
> http://mail.nessus.org/mailman/listinfo/nessus
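The host-based filter Jim suggests, written out as an added example (not code from the thread): a small POSIX shell function that emits an iptables-restore ruleset allowing only the listed hosts to reach nessusd and letting everything else fall through to a deny-all INPUT policy. It assumes nessusd is on its default TCP port 1241 and uses constructed documentation addresses in place of x.y.z.218/219.

```shell
#!/bin/sh
# Added example, not from the original thread: generate an iptables-restore
# ruleset that admits only the listed hosts to nessusd and drops the rest.
# Assumptions: nessusd listens on TCP 1241 (its default); the allowed hosts
# below are constructed sample addresses standing in for x.y.z.218/219.

NESSUS_PORT=1241
ALLOWED_HOSTS="192.0.2.218 192.0.2.219"   # constructed sample addresses

# nessus_rules PORT HOST... -> prints an iptables-restore ruleset on stdout
nessus_rules() {
    port=$1; shift
    printf '*filter\n'
    printf ':INPUT DROP [0:0]\n'          # default policy: deny everything inbound
    printf ':FORWARD DROP [0:0]\n'
    printf ':OUTPUT ACCEPT [0:0]\n'
    printf -- '-A INPUT -i lo -j ACCEPT\n'
    # replies to connections the scanner itself opened (its own scan traffic)
    printf -- '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT\n'
    # one ACCEPT per permitted client host, matched before the catch-all
    for host in "$@"; do
        printf -- '-A INPUT -p tcp -s %s --dport %s -j ACCEPT\n' "$host" "$port"
    done
    # anything else aimed at nessusd is logged, then hits the DROP policy
    printf -- '-A INPUT -p tcp --dport %s -j LOG --log-prefix "nessusd-denied: "\n' "$port"
    printf 'COMMIT\n'
}

# count_allow_rules PORT HOST... -> number of per-host ACCEPT rules generated
count_allow_rules() {
    nessus_rules "$@" | grep -c -- "--dport $1 -j ACCEPT"
}

# Review:          nessus_rules "$NESSUS_PORT" $ALLOWED_HOSTS
# Apply (as root): nessus_rules "$NESSUS_PORT" $ALLOWED_HOSTS | iptables-restore
```

Because the ruleset sets the INPUT policy to DROP, add an ACCEPT for your own management access (for example SSH) before loading it, and take an `iptables-save` snapshot first so the previous state can be restored.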