if policy setting is changed by Nessus Client from NessusClient, the nessusd.conf as default set from server also changed?is Server or Client has the privelege to change the configuration file?thank you..
On 7/24/08, Hendra Winata <[EMAIL PROTECTED]> wrote: > @all > there's possibility nessus lost 1 or more port while scanning the > target host??if yes, why and how nessus handle it or how we know if > nessus lost them,example,from information by scan report maybe?thank > you.. > > On 7/23/08, [EMAIL PROTECTED] > <[EMAIL PROTECTED]> wrote: >> Send Nessus mailing list submissions to >> [email protected] >> >> To subscribe or unsubscribe via the World Wide Web, visit >> http://mail.nessus.org/mailman/listinfo/nessus >> or, via email, send a message with subject or body 'help' to >> [EMAIL PROTECTED] >> >> You can reach the person managing the list at >> [EMAIL PROTECTED] >> >> When replying, please edit your Subject line so it is more specific >> than "Re: Contents of Nessus digest..." >> >> >> Today's Topics: >> >> 1. weak ciphers 26928 (Thomas Atkins) >> 2. Re: weak ciphers 26928 (George A. Theall) >> 3. Re: weak ciphers 26928 (Marcin Wielgoszewski) >> 4. RE: DOT-NESSUS FILE (John Scherff) >> 5. Mac OSX Nessus Question (Simon Taplin) >> 6. Re: Mac OSX Nessus Question (Ron Gula) >> 7. Re: Mac OSX Nessus Question (Michel Arboi) >> 8. Re: DOT-NESSUS FILE (Ron Gula) >> 9. Re: Mac OSX Nessus Question (Doug Nordwall) >> 10. RE: Mac OSX Nessus Question (Jason Alexander) >> >> >> ---------------------------------------------------------------------- >> >> Message: 1 >> Date: Tue, 22 Jul 2008 14:37:20 -0400 >> From: Thomas Atkins <[EMAIL PROTECTED]> >> Subject: weak ciphers 26928 >> To: [email protected] >> Message-ID: <[EMAIL PROTECTED]> >> Content-Type: text/plain; format=flowed; charset=ISO-8859-1 >> >> Hi, >> >> Can I get a detailed description of what plugin 26298 does? >> >> I've already seen >> http://www.nessus.org/plugins/index.php?view=viewsrc&id=26928. >> >> Thanks, >> >> Tom >> >> >> ------------------------------ >> >> Message: 2 >> Date: Tue, 22 Jul 2008 15:25:01 -0400 >> From: "George A. Theall" <[EMAIL PROTECTED]> >> Subject: Re: weak ciphers 26928 >> To: [email protected] >> Message-ID: <[EMAIL PROTECTED]> >> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes >> >> On Jul 22, 2008, at 2:37 PM, Thomas Atkins wrote: >> >>> Can I get a detailed description of what plugin 26298 does? >>> >>> I've already seen >>> http://www.nessus.org/plugins/index.php?view=viewsrc&id=26928 >>> . >> >> It takes the results of another plugin (#21643) and reports any SSL >> cipher suites with key lengths < 56 bits, including those with no >> encryption support whatsoever. >> >> George >> -- >> [EMAIL PROTECTED] >> >> >> >> >> >> ------------------------------ >> >> Message: 3 >> Date: Tue, 22 Jul 2008 15:30:08 -0400 >> From: "Marcin Wielgoszewski" <[EMAIL PROTECTED]> >> Subject: Re: weak ciphers 26928 >> To: [EMAIL PROTECTED] >> Cc: [email protected] >> Message-ID: >> <[EMAIL PROTECTED]> >> Content-Type: text/plain; charset=UTF-8 >> >> It checks the cipher strength. It will report positive if a cipher >> strength of 56-bit or a null cipher (one that doesn't actually encrypt >> the transport) is supported. >> >> ssl_supported_ciphers.nasl >> cat = 0; >> NULL_STRENGTH = cat; >> labels[cat] = "Null Ciphers (no encryption)"; >> LOW_STRENGTH = ++cat; >> labels[cat] = "Low Strength Ciphers (< 56-bit key)"; >> MEDIUM_STRENGTH = ++cat; >> labels[cat] = "Medium Strength Ciphers (>= 56-bit and < 112-bit key)"; >> HIGH_STRENGTH = ++cat; >> labels[cat] = "High Strength Ciphers (>= 112-bit key)"; >> max_strength = ++cat; >> labels[cat] = "Uncategorized Ciphers"; >> >> >> >> Hope this helps, >> >> -Marcin >> tssci-security.com >> >> On 7/22/08, Thomas Atkins <[EMAIL PROTECTED]> wrote: >>> Hi, >>> >>> Can I get a detailed description of what plugin 26298 does? >>> >>> I've already seen >>> http://www.nessus.org/plugins/index.php?view=viewsrc&id=26928. >>> >>> Thanks, >>> >>> Tom >> >> >> ------------------------------ >> >> Message: 4 >> Date: Tue, 22 Jul 2008 14:54:37 -0700 >> From: "John Scherff" <[EMAIL PROTECTED]> >> Subject: RE: DOT-NESSUS FILE >> To: <[email protected]> >> Message-ID: >> <[EMAIL PROTECTED]> >> Content-Type: text/plain; charset="us-ascii" >> >> My question: will this continue to be the behavior in the future? >> >> ________________________________ >> >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] On Behalf Of John Scherff >> Sent: Monday, July 21, 2008 6:12 PM >> To: [email protected] >> Subject: DOT-NESSUS FILE >> >> >> Tenable Team, >> >> I was pleasantly surprised to find out that extraneous XML is not >> stripped out of the dot-nessus file by the scanner. I plan to create a >> new node called <Directives> (a sibling to <Policies>) and beneath that >> will be configuration items of my own which will be consumed by >> post-scan handlers (e.g., scripts that convert and email the scan >> results). For example: >> >> <?xml version="1.0"?> >> <NessusClientData> >> <Directives> >> <Directive> >> <name>outputFormats</name> >> <value>html;nbe</value> >> </Directive> >> <Directive> >> <name>emailRecipients</name> >> <value>[EMAIL PROTECTED],[EMAIL PROTECTED]</value> >> </Directive> >> <Directive> >> <name>attachResults</name> >> <value>no</value> >> </Directive> >> <Directive> >> <name>stripInfos</name> >> <value>yes</value> >> </Directive> >> </Directives> >> <Targets> >> ... >> </Targets> >> <Policies> >> <Policy passwordsType="Linux"> >> <policyName/> >> <policyComments/> >> ... >> </NessusClientData> >> >> My question: Is it by accident or design that unused XML is ignored and >> left untouched by the nessus, and will this continue to be the behavior >> in the future? >> >> Thanks, >> >> John Scherff >> Information Security and Storage Manager >> 24 Hour Fitness >> o: 760-918-4485 >> c: 760-351-6946 >> e: [EMAIL PROTECTED] >> >> The code of competence is the only system of morality that's on a gold >> standard. -Ayn Rand >> >> -------------- next part -------------- >> An HTML attachment was scrubbed... >> URL: >> http://mail.nessus.org/pipermail/nessus/attachments/20080722/9bea755f/attachment-0001.html >> >> ------------------------------ >> >> Message: 5 >> Date: Tue, 22 Jul 2008 23:14:19 +0200 >> From: "Simon Taplin" <[EMAIL PROTECTED]> >> Subject: Mac OSX Nessus Question >> To: [email protected] >> Message-ID: >> <[EMAIL PROTECTED]> >> Content-Type: text/plain; charset=ISO-8859-1 >> >> Does Nessus on OS X have the ability to use nmap/nicto/etc from >> Macportsif the paths are correct or is it just the Linux versions? >> >> Simon >> >> -- >> RSA Cellphone: +27 72 613 0635 >> USA Cellphone: +1 409 256 7357 >> >> >> ------------------------------ >> >> Message: 6 >> Date: Wed, 23 Jul 2008 09:39:16 -0400 >> From: Ron Gula <[EMAIL PROTECTED]> >> Subject: Re: Mac OSX Nessus Question >> To: [email protected] >> Message-ID: <[EMAIL PROTECTED]> >> Content-Type: text/plain; charset=ISO-8859-1; format=flowed >> >> Simon Taplin wrote: >>> Does Nessus on OS X have the ability to use nmap/nicto/etc from >>> Macportsif the paths are correct or is it just the Linux versions? >> >> I've not personally configured nmap or nikto on a Mac, but there is >> nothing that prevents Nessus from calling those tools as long as they >> are configured in the path. >> >> A good description on how to set up Nessus and Nikto on UNIX (it is >> not Mac specific) is here: >> >> http://ma75.blogspot.com/2008/05/en-calling-nikto-from-nessus.html >> >> Ron Gula >> Tenable Network Security >> >> >> ------------------------------ >> >> Message: 7 >> Date: Wed, 23 Jul 2008 15:44:47 +0200 >> From: Michel Arboi <[EMAIL PROTECTED]> >> Subject: Re: Mac OSX Nessus Question >> To: [email protected] >> Message-ID: <[EMAIL PROTECTED]> >> Content-Type: text/plain; charset="iso-8859-1" >> >> On Tuesday 22 July 2008 23:14:19 Simon Taplin wrote: >>> Does Nessus on OS X have the ability to use nmap/nicto/etc from >>> Macportsif the paths are correct or is it just the Linux versions? >> >> Probably, but calling external commands from Nessus is a source of >> problems >> and should be avoided. >> http://www.nessus.org/documentation/index.php?doc=nmap-usage >> >> >> >> >> ------------------------------ >> >> Message: 8 >> Date: Wed, 23 Jul 2008 09:32:10 -0400 >> From: Ron Gula <[EMAIL PROTECTED]> >> Subject: Re: DOT-NESSUS FILE >> To: [email protected] >> Message-ID: <[EMAIL PROTECTED]> >> Content-Type: text/plain; charset=ISO-8859-1; format=flowed >> >> Hi John, >> >> I haven't looked into this nor have I asked anyone at Tenable to look >> into it. You may be taking advantage of some implementation issues and >> if an application that processes the .nessus file is expecting to run >> into the <Targets> element right after the <NessusClientData>, they >> could have errors. >> >> I don't forsee any coding changes to the Nessus Client that would impact >> your modifications if you use them locally, but at the same time, we're >> not adding a QA step that makes sure your modifications aren't broken >> in the future or modifying the official XSD and file format. >> >> Ron Gula >> Tenable Network Security >> >> John Scherff wrote: >>> My question: will this continue to be the behavior in the future? >>> >>> ________________________________ >>> >>> From: [EMAIL PROTECTED] >>> [mailto:[EMAIL PROTECTED] On Behalf Of John Scherff >>> Sent: Monday, July 21, 2008 6:12 PM >>> To: [email protected] >>> Subject: DOT-NESSUS FILE >>> >>> >>> Tenable Team, >>> >>> I was pleasantly surprised to find out that extraneous XML is not >>> stripped out of the dot-nessus file by the scanner. I plan to create a >>> new node called <Directives> (a sibling to <Policies>) and beneath that >>> will be configuration items of my own which will be consumed by >>> post-scan handlers (e.g., scripts that convert and email the scan >>> results). For example: >>> >>> <?xml version="1.0"?> >>> <NessusClientData> >>> <Directives> >>> <Directive> >>> <name>outputFormats</name> >>> <value>html;nbe</value> >>> </Directive> >>> <Directive> >>> <name>emailRecipients</name> >>> <value>[EMAIL PROTECTED],[EMAIL PROTECTED]</value> >>> </Directive> >>> <Directive> >>> <name>attachResults</name> >>> <value>no</value> >>> </Directive> >>> <Directive> >>> <name>stripInfos</name> >>> <value>yes</value> >>> </Directive> >>> </Directives> >>> <Targets> >>> ... >>> </Targets> >>> <Policies> >>> <Policy passwordsType="Linux"> >>> <policyName/> >>> <policyComments/> >>> ... >>> </NessusClientData> >>> >>> My question: Is it by accident or design that unused XML is ignored and >>> left untouched by the nessus, and will this continue to be the behavior >>> in the future? >>> >>> Thanks, >>> >>> John Scherff >>> Information Security and Storage Manager >>> 24 Hour Fitness >>> o: 760-918-4485 >>> c: 760-351-6946 >>> e: [EMAIL PROTECTED] >>> >>> The code of competence is the only system of morality that's on a gold >>> standard. -Ayn Rand >>> >> >> >> ------------------------------ >> >> Message: 9 >> Date: Wed, 23 Jul 2008 10:10:17 -0400 >> From: Doug Nordwall <[EMAIL PROTECTED]> >> Subject: Re: Mac OSX Nessus Question >> To: Ron Gula <[EMAIL PROTECTED]> >> Cc: "[email protected]" <[email protected]> >> Message-ID: <[EMAIL PROTECTED]> >> Content-Type: text/plain; charset=us-ascii; format=flowed >> >> I'll give it a try later today. >> >> Sent from my iPhone >> >> On Jul 23, 2008, at 9:39 AM, Ron Gula <[EMAIL PROTECTED]> wrote: >> >>> Simon Taplin wrote: >>>> Does Nessus on OS X have the ability to use nmap/nicto/etc from >>>> Macportsif the paths are correct or is it just the Linux versions? >>> >>> I've not personally configured nmap or nikto on a Mac, but there is >>> nothing that prevents Nessus from calling those tools as long as they >>> are configured in the path. >>> >>> A good description on how to set up Nessus and Nikto on UNIX (it is >>> not Mac specific) is here: >>> >>> http://ma75.blogspot.com/2008/05/en-calling-nikto-from-nessus.html >>> >>> Ron Gula >>> Tenable Network Security >>> _______________________________________________ >>> Nessus mailing list >>> [email protected] >>> http://mail.nessus.org/mailman/listinfo/nessus >> >> >> ------------------------------ >> >> Message: 10 >> Date: Wed, 23 Jul 2008 14:55:43 +0100 >> From: Jason Alexander <[EMAIL PROTECTED]> >> Subject: RE: Mac OSX Nessus Question >> To: [email protected] >> Message-ID: <[EMAIL PROTECTED]> >> Content-Type: TEXT/PLAIN; CHARSET=US-ASCII >> >> Looking for a good web front end for nessus that can handle multiple >> scanners and automate scans... Looked at inprotect but it has to many bugs >> and doesn't look to be maintained any more. Does any one have any good >> suggestions? Even commerical options would be considered >> >> ta >> >> -----Original Message----- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] >> On Behalf Of Simon Taplin >> Sent: 22 July 2008 22:14 >> To: [email protected] >> Subject: Mac OSX Nessus Question >> >> Does Nessus on OS X have the ability to use nmap/nicto/etc from Macportsif >> the paths are correct or is it just the Linux versions? >> >> Simon >> >> -- >> RSA Cellphone: +27 72 613 0635 >> USA Cellphone: +1 409 256 7357 >> _______________________________________________ >> Nessus mailing list >> [email protected] >> http://mail.nessus.org/mailman/listinfo/nessus >> >> >> >> ------------------------------ >> >> _______________________________________________ >> Nessus mailing list >> [email protected] >> http://mail.nessus.org/mailman/listinfo/nessus >> >> End of Nessus Digest, Vol 57, Issue 19 >> ************************************** >> > _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
