Hi p1g,
Thankz for ur response. Actually my thinking goes along the following
way to get rid of unwanted vulnerabilities, false positives and get final
report which is crisp and shows new important vulnerabilities discovered during
this scan.
1. Scan the PC/Host(s) on network with nessus 3.0 with default plugins and
other default config.
2. We get report out-of-box in XML format.
3. My idea is to pares the XML report and create database with different tables
like SesssionData, AlertDataDetails, AlertDescDetails, PluginOutputDetails ,etc.
4. Once we parse out XML data and import into database, we then have plugin
output in tables in database.
5. This plugin data alongwith the context of the environment( these describes
details of the services running on the hosts, like version, patch ,,etc) can
help us to reduce the false information which nessus reports by default.
I thoroughly encourage comments and suggestions in these
directions.
Thanking all.
Regards,
Kamlesh Patel.
p1g <[EMAIL PROTECTED]> wrote: Kamlesh,
My default answer is 'Security Center 3' =) (for Ron)
But, I can see that might be overkill for what you are trying ot accomplish.
Try this. Attached is an archive with some custom .xsl files.
Browse to this directory:
C:\Program Files\Tenable\Nessus\
Then backup the contents of the report_styles directory.
Then extract the archive contents to the report_styles directory.
Then, next time you launch Win32 Nessus and lick on view reports you
will have some new reports in your drop down list.
Good luck.
On 3/10/08, Kamlesh Patel wrote:
> Hello,
>
> I am working on Nessus Vulnerability Scanner tool
> [http://www.tenablesecurity.com/nessus/] as part of my
> Project. My task is to identify important vulenrabilites from the massive
> report genereated by Nessus and report only crucial ones. It wold be great
> if you an help me with this task.
>
> If a network administrator scans a network of 100 computers using NESSUS3
> tool every day and gets a 1000 page report, then what might be the most
> interesting thing for him to look in the report without wasting his time, as
> it would be very difficult to go thru such a big massive report.?
> Like for example, plug-ins with high risk factor, or, some new
> vulnerability, or, some specific plug-ins?
> If you are in the area of network security , u would realize what i am
> talking about. If our server/network is expose to vulnerabilites, any smart
> attacker can attack and hack weak applications and data. So Nessus gives us
> rough guess when it scans network or hosts. We have to figure out correct
> ones depending on the context of the environment/network under which scan
> took place.
>
> if above functionality/task is implemented it could
> tremendously reduce the volume of report and give out small report that a
> netowrk admin then can look at and take appropriate actions hence reducing
> his manual time to go thru report and increasing work efficiency.
>
> Please let me know if you have nay suggestions and ideas to
> go about it. i will really appreciate that .
>
> Regards,
> Kamlesh Patel.
> Norfolk, VA, USA.
>
>
> ________________________________
> Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it
> now.
>
>
> _______________________________________________
> Nessus mailing list
> [email protected]
> http://mail.nessus.org/mailman/listinfo/nessus
>
--
-p1g
SnortCP, C|HFI, TNCP, TECP, NACP, A+
,,__
o" )~ oink oink
' ' ' '
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke
---------------------------------
Never miss a thing. Make Yahoo your homepage._______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
