Hi Mark,

Looking at the Installation Guide on the Nessus website, there is mention to look at the man page of nessus-adduser. The example on page 25 also shows an example rule where users can be restricted.

accept 192.168.2.0/24
default deny

http://www.nessus.org/documentation/

There was also an email from George Theall on 2/21 which gave the syntax for restricting specific ports. His email:

On Feb 20, 2008, at 1:55 PM, Jesse Mauntel wrote:
> Does anyone know how to exclude a specific port or port range from all
> checks within a .rc file? I know this can be done by modifying the
> port_range parameter, however we use the 'default' value and I would
> prefer to use another way if possible.

You can do something like this if you're using the Nessus 3.1.x beta. It allows for port numbers and ranges in rules; eg,

# Forbid connecting on ports > 1024 for the 192.168.2.0/24 subnet
reject 192.168.2.0/24:1024-65535
# Forbid connecting on port 80 on your router
reject 192.168.2.1:80
# Always reject connecting on port 9100
reject 0.0.0.0/0:9100

The latest beta (3.1.9) is available from <http://www.nessus.org/download/?product=nessus32-beta>.

George
--
[EMAIL PROTECTED]

--Derek

--
Derek Rushing
ITSS | University of Michigan
[EMAIL PROTECTED]

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Adams
Sent: Wednesday, March 19, 2008 1:23 PM
To: [email protected]
Subject: Access control rules

According to the Nessus 3.2 news release (http://www.nessus.org/news/) one of the new features is "Granular access to control rules to limit users to specific ports and audits". Does anyone know how to do this?
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
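
The rule forms quoted in this thread, as an added example that is not part of the original emails and is not Nessus code: a small Python checker that parses a rules file in that syntax and reports whether a host and port would be allowed, useful for reviewing a user's rules before relying on them. It assumes rules are evaluated top to bottom with the first match winning, that `deny` behaves like `reject`, that a missing `default` line means deny, and IPv4 targets only; the function names and the sample rule set are constructed for illustration.

```python
import ipaddress

# Constructed sample built from the rule forms quoted in the thread.
SAMPLE_RULES = """\
# Always reject connecting on port 9100
reject 0.0.0.0/0:9100
# Forbid connecting on port 80 on your router
reject 192.168.2.1:80
accept 192.168.2.0/24
default deny
"""
ACTIONS = ("accept", "reject", "deny")

def parse_rules(text):
    """Parse rules text into ([(action, network, lo_port, hi_port)], default)."""
    rules, default = [], "deny"  # assumption: no default line means deny
    for lineno, raw in enumerate(text.splitlines(), 1):
        parts = raw.split("#", 1)[0].split()
        if not parts:
            continue  # blank line or comment
        if len(parts) != 2:
            raise ValueError(f"line {lineno}: expected '<action> <target>'")
        action, target = parts
        if action == "default":
            if target not in ACTIONS:
                raise ValueError(f"line {lineno}: bad default {target!r}")
            default = target
            continue
        if action not in ACTIONS:
            raise ValueError(f"line {lineno}: unknown action {action!r}")
        net, _, ports = target.partition(":")
        lo, hi = 0, 65535  # no port suffix: rule covers every port
        if ports:
            first, _, last = ports.partition("-")
            lo, hi = int(first), int(last or first)
            if not 0 <= lo <= hi <= 65535:
                raise ValueError(f"line {lineno}: bad port range {ports!r}")
        rules.append((action, ipaddress.ip_network(net, strict=False), lo, hi))
    return rules, default

def is_allowed(rules, default, host, port):
    """First matching rule decides (assumed ordering); else the default."""
    addr = ipaddress.ip_address(host)
    for action, net, lo, hi in rules:
        if addr in net and lo <= port <= hi:
            return action == "accept"
    return default == "accept"

if __name__ == "__main__":
    rules, default = parse_rules(SAMPLE_RULES)
    for host, port in [("192.168.2.1", 80), ("192.168.2.1", 443), ("10.0.0.5", 22)]:
        print(host, port, "allowed" if is_allowed(rules, default, host, port) else "blocked")
```

Under the first-match assumption, placing the broad `accept 192.168.2.0/24` line above a narrower `reject` would shadow the reject, so port-specific rejects belong first.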
