On Tue, 2007-10-02 at 07:07 -0400, George A. Theall wrote: > On 10/01/07 17:24, Xueshan Feng wrote: > > > I use nessus command line command to launch nessus scan jobs. I noticed > > that, nessusrc will change after each nessus job. > > Yes, the client merges its original configuration with what a server > holds (eg, new plugins) and saves that as the new config file each time > you run a scan. > > > What's the best way to keep track of the > > change should we need to rebuild the scanner machine? > > You may want to look into a third-party tool such as my own > update-nessusrc script, <http://www.tifaware.com/perl/update-nessusrc/>, > to control which plugins are enabled. This works best if scans are based > on, say, entire families; eg, CGI abuses, service detection, etc.
Thank you, this is a very helpful tool! > > If that's not enough, examine what exactly you need and configure > backups accordingly. Logs, KBs, configuration files, etc... probably. Yes I think I will try to use rsync backup, combined with CVS to track local changes. > Do > you need to be able to reproduce scan results? If so, be sure to include > the plugins and even the binaries as well. Not yet. We just started the project, maybe when we matured and learned more about Nessus, we will. Thanks a lot! Xueshan _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
