As a side note, .audit files for both Windows and Unix systems now include multi-line INFO tag functionality which allows you to add verbose details to your audit output. Ron mentioned the Unix side in the following blog entry: http://blog.tenablesecurity.com/2008/07/full-susudo-sup.html
Paul John Scherff wrote: > Couple more points: > > (5) The .audit policies are really the best way. I took the "long road" > because I wanted the plugin output to cite our security policy, point > the reader to our policy server, and produce detailed output about > precisely what was wrong (and what was right). > > (6) The scripts have a copyright line, but there's no copyright. Feel > free to use/abuse them however you want. When I catch up to Mike > Vasquez in "giving back to the community," maybe I'll be less sharing ;) > > (7) The CVSS score/codes are all made-up. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of John Scherff > Sent: Thursday, July 17, 2008 9:25 AM > To: Adrian Raduti; [EMAIL PROTECTED] > Cc: [email protected] > Subject: RE: antivirus_installed.nasl > > Here you go Adrian and Mike. > > A few important points: > > 0) These go in the /opt/nessus/lib/nessus/plugins directory. > > 1) I goofed on the choice of plugin IDs (I chose the 9xxxx range, but > custom plugins are supposed to be in the 6xxxx range, I think). > > 2) There's a perl script included that grabs the last three AV signature > dates from Symantec. This script should be used like this to refresh > the 24hr_savce_01.inc file: > > get-symantec-sigs.pl > > /opt/nessus/var/nessus/plugins/24hr_savce_01.inc > > 3) The whole thing requires that you scan Windows systems with an > account that can read the registry. > > 4) Please take the 24 Hour Fitness references out of the scripts before > you use them. > > Good luck, > > John Scherff > IT Security Manager > 24 Hour Fitness > > -----Original Message----- > From: Adrian Raduti [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 17, 2008 8:53 AM > To: John Scherff > Subject: RE: antivirus_installed.nasl > > Sure, please send me yours. > > I feel this will also help me in better learning the language. > > > Appreciate your help > Adrian > > On Thu, 2008-07-17 at 08:41 -0700, John Scherff wrote: >> They're highly customized for our environment, but if you send me a >> list of exactly what you need, I'll write a custom plugin for you (may > >> take a couple days... pretty busy over here). Or I can just send you >> ours and let you hack them to fit your needs. > > _______________________________________________ > Nessus mailing list > [email protected] > http://mail.nessus.org/mailman/listinfo/nessus > -- Best Regards, Paul Davis Research Engineer Tenable Network Security Inc Phone: 410.872.0555 www.tenablesecurity.com Is your network TENABLE? _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
