My question relates to nessus' client/server model, and more specifically, its config files.
We have a Linux server running the nessus daemon and I'm connecting to it with a Windows client. What I'm not grasping is how the admin of the nessus server sets restrictions on what the client can and can't do when requesting a scan. My apologies if the answer is clearly documented; I've been unable to find it. An example of this is the "Log details of the scan on the server" checkbox in the Options tab of the nessus client. Due to the volume of scans we'll be doing, as well as the log verbosity, I don't want to log every launched/not-launched nasl for every target host -- the log gets ridiculously large very quickly. What I'd like to see happen is that we offer the nessus client to departmental sysadmins who can manage their own scans, though we (central IT) will manage the nessus server itself. The problem I see here is that I don't want nessus client users (sysadmins) to be able to check the "Log details of the scan on the server" (for example) and fill up my logs. So, where can the nessus server admin set these restrictions that will override settings specified by the client? Thanks for reading, -rw _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
