I c. What you are trying to do sounds very much like Security Center 3. In the past I did something similair. Importing xml into access and wirting some queries to compair and output only the newest vulnerabilities. Access has a report writer and it can be fun to play with. BUT, I was simply reinventing the wheel. There are a couple of solutions (open source) that already do what you are wanting to do.
Check out Inprotect. >>5. This plugin data alongwith the context of the environment( these describes details of >>the services running on the hosts, like version, patch ,,etc) can help us to reduce the >>false information which nessus reports by default false postives are posible, but not frequent in my experience. I f you are finding alot of 'false information' check out bugs.nessus.org On 3/10/08, Kamlesh Patel <[EMAIL PROTECTED]> wrote: > Hi p1g, > Thankz for ur response. Actually my thinking goes along the > following way to get rid of unwanted vulnerabilities, false positives and > get final report which is crisp and shows new important vulnerabilities > discovered during this scan. > > 1. Scan the PC/Host(s) on network with nessus 3.0 with default plugins and > other default config. > > 2. We get report out-of-box in XML format. > > 3. My idea is to pares the XML report and create database with different > tables like SesssionData, AlertDataDetails, AlertDescDetails, > PluginOutputDetails ,etc. > > 4. Once we parse out XML data and import into database, we then have plugin > output in tables in database. > > 5. This plugin data alongwith the context of the environment( these > describes details of the services running on the hosts, like version, patch > ,,etc) can help us to reduce the false information which nessus reports by > default. > > I thoroughly encourage comments and suggestions in these > directions. > Thanking all. > > Regards, > Kamlesh Patel. > > p1g <[EMAIL PROTECTED]> wrote: > Kamlesh, > > My default answer is 'Security Center 3' =) (for Ron) > > But, I can see that might be overkill for what you are trying ot accomplish. > > Try this. Attached is an archive with some custom .xsl files. > > Browse to this directory: > C:\Program Files\Tenable\Nessus\ > Then backup the contents of the report_styles directory. > > Then extract the archive contents to the report_styles directory. > > Then, next time you launch Win32 Nessus and lick on view reports you > will have some new reports in your drop down list. > > Good luck. > > > > > On 3/10/08, Kamlesh Patel wrote: > > Hello, > > > > I am working on Nessus Vulnerability Scanner tool > > [http://www.tenablesecurity.com/nessus/] as part of my > > Project. My task is to identify important vulenrabilites from the massive > > report genereated by Nessus and report only crucial ones. It wold be great > > if you an help me with this task. > > > > If a network administrator scans a network of 100 computers using NESSUS3 > > tool every day and gets a 1000 page report, then what might be the most > > interesting thing for him to look in the report without wasting his time, > as > > it would be very difficult to go thru such a big massive report.? > > Like for example, plug-ins with high risk factor, or, some new > > vulnerability, or, some specific plug-ins? > > If you are in the area of network security , u would realize what i am > > talking about. If our server/network is expose to vulnerabilites, any > smart > > attacker can attack and hack weak applications and data. So Nessus gives > us > > rough guess when it scans network or hosts. We have to figure out correct > > ones depending on the context of the environment/network under which scan > > took place. > > > > if above functionality/task is implemented it could > > tremendously reduce the volume of report and give out small report that a > > netowrk admin then can look at and take appropriate actions hence reducing > > his manual time to go thru report and increasing work efficiency. > > > > Please let me know if you have nay suggestions and ideas to > > go about it. i will really appreciate that . > > > > Regards, > > Kamlesh Patel. > > Norfolk, VA, USA. > > > > > > ________________________________ > > Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it > > now. > > > > > > _______________________________________________ > > Nessus mailing list > > [email protected] > > http://mail.nessus.org/mailman/listinfo/nessus > > > > > -- > -p1g > SnortCP, C|HFI, TNCP, TECP, NACP, A+ > ,,__ > o" )~ oink oink > ' ' ' ' > > If you spend more on coffee than on IT security, you will be hacked. > What's more, you deserve to be hacked. > -- former White House cybersecurity czar Richard Clarke > > > > ________________________________ > Never miss a thing. Make Yahoo your homepage. > > -- -p1g SnortCP, C|HFI, TNCP, TECP, NACP, A+ ,,__ o" )~ oink oink ' ' ' ' If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- former White House cybersecurity czar Richard Clarke _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
