On Mar 19, 2008, at 6:22 PM, Mark Adams wrote:
> According to the Nessus 3.2 news release (http://www.nessus.org/news/)
> one of the new features is "Granular access to control rules
> to limit users to specific ports and audits". Does anyone know how
> to do this?

There are syntax examples in /opt/nessus/etc/nessus/nessusd.rules. You
can write these rules there (restrict things on a global nessusd
basis) or in /opt/nessus/var/nessus/users/auth/rules (same syntax, for
a per-user basis).

Basically you can write:

Global networks/host denies:

    reject 192.168.2.0/24

Reject a given port on a given network:

    reject 192.168.2.0/24:9100

You can reject a port range too:

    reject 192.168.2.0/24:1-1024

And you can also forbid the use of some plugins:

    plugin-reject 10330
    plugin-reject 10000-11000

-- Renaud
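
An added example, not part of the message above and not Nessus code: a small Python checker that parses rule lines in the forms shown in the message and reports whether a given host/port or plugin ID would be rejected, useful for reviewing a rules file before deploying it. Assumptions: only the `reject` and `plugin-reject` forms quoted above are modelled, `#` comment lines are skipped, addresses are IPv4, anything not matched by a rule is treated as allowed, and all function names and the sample rules are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample using the rule forms quoted in the message (not a real config).
SAMPLE_RULES = """\
reject 192.168.2.0/24:1-1024
reject 192.168.3.0/24:9100
reject 10.0.0.0/8
plugin-reject 10330
plugin-reject 10000-11000
"""

def _span(text):
    """Turn '9100' or '1-1024' into an inclusive (low, high) tuple."""
    low, _, high = text.partition("-")
    return int(low), int(high or low)

def parse_rules(text):
    """Parse only the rule forms shown in the message; raise on anything else."""
    targets, plugins = [], []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):  # assumption: '#' starts a comment
            continue
        m = re.fullmatch(r"(reject|plugin-reject)\s+(\S+)", line)
        if not m:
            raise ValueError(f"line {n}: unsupported rule {line!r}")
        kind, arg = m.groups()
        if kind == "plugin-reject":
            plugins.append(_span(arg))
        else:
            # IPv4 only: the ':' separates the network from the port or port range.
            net, _, ports = arg.partition(":")
            span = _span(ports) if ports else (0, 65535)  # no port means every port
            targets.append((ipaddress.ip_network(net), span))
    return targets, plugins

def target_rejected(targets, host, port):
    """True if any reject rule covers this host and port."""
    addr = ipaddress.ip_address(host)
    return any(addr in net and lo <= port <= hi for net, (lo, hi) in targets)

def plugin_rejected(plugins, plugin_id):
    """True if any plugin-reject rule covers this plugin ID."""
    return any(lo <= plugin_id <= hi for lo, hi in plugins)
```
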