Philippe wrote:
> Hi, this is my first message on this mailing list, I hope it is relevant
> here.

Perhaps -- we get all sorts of folks on the list.

> I would like to scan vulnerabilities on a class C network.
> I am evaluating several products (Nessus, Qualys, Rapid7, nCircle, Secunia,
> eEye, GFI LanGuard, etc.).
> I like the Nessus scanner but I am a bit puzzled with the report part.
> The Tenable Security Center does a lot of things, but the price is too high
> to manage about a hundred of hosts.

That is interesting pricing feedback. Since you brought this up ....

SC3 for 500 IPs costs $15,570/us

According to SC magazine, Rapid 7 costs $25k for a class C. Considering
their console does not do as much as SC3 and they test for about half as
many CVEs as Nessus does, it might not be as good of a deal. The URL for
this is here:

http://www.scmagazineus.com/Rapid7-NeXpose/Review/26/

SC magazine also has Qualys at $5995 for 10 IPs.

nCircle (according to InfoWorld) costs $36k for 250 IPs.

SC magazine also has eEye retina for 128 addresses for $1995 and the REM
product for 500 IPs is cheaper than SC3.

GFi Languard is easily the lowest priced of the bunch, but if you are
looking at Tenable, Qualys, nCircle, etc., you might not find all of the
features you are looking for there.

> The 2 basic things I am looking for are:
> - generate a report called hereafter "R1" displaying the number of
> holes/warning/notes for each scanned host, and the details for the
> holes/warnings only,
> - generate a "trend report" called hereafter "R2": a graphic displaying the
> time evolution of number of scanned hosts, numbers of holes, numbers of
> warnings.
>
> I found an XSL file that enabled me to generate R1, but this XSL
> transformation must be used with the Nessus version 2 XML report file
> generated by the Nessus 3.0.6 client on Windows.

We are working on a NessusClient which will have XSLT in the reporting
so you can transform your scan results into anything you want. I do not
have an ETA for this yet.

> Is it possible to generate a Nessus version 2 XML report file with a Nessus
> 3.2.x software?

No. Not with the existing products. You can use XSLT on the resulting
.nessus file which is XML based.

> What should I use in order to be able to generate R1, using for input the
> Nessus "version 3" XML file (.nessus file, beginning by <NessusClientData>)
> generated by the Nessus 3.2.x software (multiplatform)?

The Nessus Client default report has exactly this -- a summary and then
details about each vuln.

> What should I use to generate R2? A very basic solution could be to
> generate the graphic using MS Excel/ OpenOffice Calc by manually entering the
> figures retrieved from the Nessus report.

For Nessus users who don't want to purchase a management and reporting
tool that has this sort of reporting built into it, I've seen a wide
variety of solutions, most of which surround developing code using
MySQL/PHP or manual data entry into a spreadsheet.

> Otherwise, I found Nessconnect, that seems to be interesting for my purpose,
> but:
> - I do not know if this software is reliable and fully compatible with Nessus
> 3.2 and future versions,
> - I am not satisfied with the default reports and I do not know yet how to
> generate custom report,
> - the scan results and reports seem to be saved in binary file ("session"),
> that may be a problem in the future if evolution is required and the software
> is no longer supported.

The Nessconnect folks are on the list. We don't necessarily certify
projects to be compatible with Nessus 3.2. I suggest you look at the
Nessconnect home/project page and express any feature requests or
comments to them.

> Do you know other software, preferably open source, able to generate custom
> reports R1 and R2 with a Nessus 3.2 scanner?

You might find a few tools that can handle R1, but the issue with your
R2 report is retention of scan results.
I'm not familiar with any open/free tools that let you take successive
Nessus scan results and do a trend report on them.

Ron Gula
Tenable Network Security
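
Added example, not part of the message above and not Tenable or Nessus code: a sketch of the R1 summary and of the scan-result retention that R2 depends on, using Python with SQLite in place of the MySQL/PHP approach mentioned. The sample XML is constructed; only the <NessusClientData> root comes from the thread, and the other element names, the severity mapping and the scan dates are assumptions.

```python
import sqlite3
import xml.etree.ElementTree as ET

# Constructed sample; element names below <NessusClientData> are assumptions.
SAMPLE_SCAN = """<NessusClientData><Report>
  <ReportHost><HostName>192.0.2.10</HostName>
    <ReportItem><severity>3</severity><pluginName>constructed hole</pluginName></ReportItem>
    <ReportItem><severity>2</severity><pluginName>constructed warning</pluginName></ReportItem>
    <ReportItem><severity>1</severity><pluginName>constructed note</pluginName></ReportItem>
  </ReportHost>
  <ReportHost><HostName>192.0.2.11</HostName>
    <ReportItem><severity>1</severity><pluginName>constructed note</pluginName></ReportItem>
  </ReportHost>
</Report></NessusClientData>"""

# Assumed severity mapping: 1 = note, 2 = warning, 3 = hole.
LABELS = {1: "notes", 2: "warnings", 3: "holes"}


def r1_summary(xml_text):
    """R1: per-host counts, plus details for holes and warnings only."""
    summary = {}
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        entry = {"holes": 0, "warnings": 0, "notes": 0, "details": []}
        for item in host.iter("ReportItem"):
            sev = int(item.findtext("severity", "0"))
            if sev not in LABELS:
                continue  # anything outside the assumed mapping is not counted
            entry[LABELS[sev]] += 1
            if sev >= 2:
                entry["details"].append(item.findtext("pluginName", ""))
        summary[host.findtext("HostName", "unknown")] = entry
    return summary


def record_scan(db, scan_date, xml_text):
    """R2: keep one totals row per scan so successive scans can be compared."""
    db.execute("CREATE TABLE IF NOT EXISTS trend (scan_date TEXT PRIMARY KEY,"
               " hosts INTEGER, holes INTEGER, warnings INTEGER)")
    s = r1_summary(xml_text)
    db.execute("INSERT OR REPLACE INTO trend VALUES (?, ?, ?, ?)",
               (scan_date, len(s), sum(h["holes"] for h in s.values()),
                sum(h["warnings"] for h in s.values())))
    db.commit()
    return db.execute("SELECT * FROM trend ORDER BY scan_date").fetchall()
```

The rows returned by record_scan are the series a spreadsheet or plotting tool would chart for R2; re-recording a scan under the same date replaces its row rather than duplicating it.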
