Hi Christian,

Is the ssl config change you made in the nessus6.pm file necessary, because
I only made the change in the REST.pm file, and I could connect.
But the issue I am having is with the "scanner name doesn't exist" even
after settign as "Local Scanner".
Can you send me your nessu6.pm file. Want to compare with mine.

Thanks.

Regards,
Kehinde

On Thu, Aug 10, 2017 at 11:04 AM, Cristian Mammoli <c.mamm...@apra.it>
wrote:

> Thanks Akala, I think the Nessus::REST shipped by inverse repo has
> multiple problems
>
> [root@srvpf pf]# rpm -qf /usr/share/perl5/vendor_perl/Net/Nessus/REST.pm
> perl-Net-Nessus-REST-0.2-4.1.noarch
> [root@srvpf pf]# yum info perl-Net-Nessus-REST-0.2-4.1.noarch
> Loaded plugins: fastestmirror
> Loading mirror speeds from cached hostfile
>  * atomic: www4.atomicorp.com
>  * base: it.centos.contactlab.it
>  * extras: it.centos.contactlab.it
>  * updates: it.centos.contactlab.it
> Installed Packages
> Name        : perl-Net-Nessus-REST
> Arch        : noarch
> Version     : 0.2
> Release     : 4.1
> Size        : 23 k
> Repo        : installed
> From repo   : packetfence
> Summary     : Communicate with Nessus scanner(v6+) via REST
> URL         : http://search.cpan.org/~grousse/Net-Nessus-REST-0.2/
> License     : Artistic/GPL
> Description : This is Perl interface for communication with Nessus scanner
> over XMLRPC. You
>             : can start, stop, pause and resume scan. Watch progress and
> status of scan,
>             : download report, etc.
>
> There is no  ssl_opts => { verify_hostname => 0 } (even if this coul be
> passed directly by nessus6.pm). The function get_scanner_id is missing
>
> I brutally replaced /usr/share/perl5/vendor_perl/Net/Nessus/REST.pm with
> the last upstream version:
>
> wget http://cpansearch.perl.org/src/GROUSSE/Net-Nessus-REST-v0.7.
> 0/lib/Net/Nessus/REST.pm -O /usr/share/perl5/vendor_perl/N
> et/Nessus/REST.pm
>
> and modified lib/pf/scan/nessus6.pm like this:
>
> --- lib/pf/scan/nessus6.pm.orig 2017-08-10 11:02:24.977268702 +0200
> +++ lib/pf/scan/nessus6.pm      2017-08-10 10:45:59.439102230 +0200
> @@ -92,7 +92,7 @@
>      my $scanner_name        = $self->{_scannername};
>      my $format              = $self->{_format};
>
> -    my $nessus = Net::Nessus::REST->new(url => 'https://
> '.$host.':'.$port);
> +    my $nessus = Net::Nessus::REST->new(url => 'https://'.$host.':'.$port,
> ssl_opts => { verify_hostname => 0 });
>      $nessus->create_session(username => $user, password => $pass);
>
>      # Verify nessus policy ID on the server, nessus remote scanner id,
> set scan name and launch the scan
>
> My scan.conf is this:
>
> [nessus6_scan]
> ip=srvpf.gruppoapra.com
> duration=180s
> categories=employees
> port=8834
> registration=0
> username=admin
> post_registration=1
> password=REDACTED
> pre_registration=0
> oses=1
> type=nessus6
> scannername=Local Scanner
> nessus_clientpolicy=PacketFenceScan
>
> Now the scan starts:
>
> Aug 10 11:03:41 srvpf pfqueue: pfqueue(8101) INFO: [mac:20:cf:30:36:7c:bb]
> Nessus is scanning 192.168.15.80 (pf::scan::nessus6::startScan)
>
>
> Il 09/08/2017 20:40, Akala Kehinde ha scritto:
>
>> FYI below..
>> Had to cc. the mail add.. for anyone interested in the ongoing convo...
>>
>> Regards,
>> Kehinde
>>
>> On Thu, Aug 3, 2017 at 11:08 PM, Juan Camilo Valencia <
>> juan.valen...@seguratec.com.co <mailto:juan.valen...@seguratec.com.co>>
>> wrote:
>>
>>     Hi Kehinde,
>>
>>     Yeah could be something really more simple but what looks like is
>>     that the variable is not getting initialize probably because the
>>     app is not delivering any data,or the scanner name is not correct,
>>     let me see with the lab how to get that info manually and debug
>>     this thing correctly.
>>
>>     Best regards
>>
>>     2017-08-03 13:27 GMT-05:00 Akala Kehinde <kehindeak...@gmail.com
>>     <mailto:kehindeak...@gmail.com>>:
>>
>>         HI Juan,
>>
>>         Actualy did that before sending the last mai, but to no avail.
>>         Problem still persist.
>>
>>         [MAWOH_NESSUS_SCAN]
>>         ip=127.0.0.1
>>         duration=30s
>>         categories=guest,staff
>>         port=8843
>>         registration=1
>>         username=nessusadmin
>>         post_registration=1
>>         password=password
>>         pre_registration=1
>>         oses=1
>>         nessus_clientpolicy=testpolicy
>>         type=nessus6
>>         scannername=Local
>>
>>         Aug  3 20:27:06 egelsbach pfqueue: Use of uninitialized value
>>         $scanner_id in string eq at
>>         /usr/local/pf/lib/pf/scan/nessus6.pm <http://nessus6.pm> line
>> 107.
>>         Aug  3 20:27:06 egelsbach pfqueue: Use of uninitialized value
>>         $scanner_id in concatenation (.) or string at
>>         /usr/local/pf/lib/pf/scan/nessus6.pm <http://nessus6.pm> line
>> 108.
>>         Aug  3 20:27:06 egelsbach pfqueue: pfqueue(31127) WARN:
>>         [mac:44:8a:5b:43:55:02] Nessus scanner name doesn't exist
>>          (pf::scan::nessus6::startScan)
>>
>>         Tough nut to crack really:)
>>
>>
>>         Regards,
>>         Kehinde
>>
>>         On Thu, Aug 3, 2017 at 8:15 PM, Juan Camilo Valencia
>>         <juan.valen...@seguratec.com.co
>>         <mailto:juan.valen...@seguratec.com.co>> wrote:
>>
>>             Ok. Try to change the scanner name conf in pf for "Local"
>>             without quotes, make the test and you should see in your
>>             nessus console a scan test named pf-something should work
>>             now.
>>
>>             Regards
>>
>>             El 3 ago. 2017 1:12 PM, "Akala Kehinde"
>>             <kehindeak...@gmail.com <mailto:kehindeak...@gmail.com>>
>>             escribió:
>>
>>                 Hello JUan,
>>
>>                 Am a bit confused. I see no scanner name on the
>>                 Settings tab:
>>
>>                 Inline image 1
>>
>>
>>                 Regards,
>>                 Kehinde
>>
>>                 On Thu, Aug 3, 2017 at 7:52 PM, Juan Camilo Valencia
>>                 <juan.valen...@seguratec.com.co
>>                 <mailto:juan.valen...@seguratec.com.co>> wrote:
>>
>>                     Hi Kehinde,
>>
>>                     None of those screenshots show the name of the
>>                     scanner. The first one is tje name of the scan
>>                     which is different. Try to take a look on the
>>                     settings tab of Nessus server and find the scanner
>>                     name.
>>
>>                     Best regards
>>
>>                     El 3 ago. 2017 12:16 PM, "Akala Kehinde"
>>                     <kehindeak...@gmail.com
>>                     <mailto:kehindeak...@gmail.com>> escribió:
>>
>>                         Hi Juan,
>>
>>
>>
>>                         Scan:
>>
>>                         Inline image 1
>>
>>
>>                         Policy:
>>
>>                         Inline image 2
>>
>>
>>                         Policy Cred:
>>
>>                         Inline image 3
>>
>>                         Regards,
>>                         Kehinde
>>
>>                         On Thu, Aug 3, 2017 at 7:09 PM, Juan Camilo
>>                         Valencia <juan.valen...@seguratec.com.co
>>                         <mailto:juan.valen...@seguratec.com.co>> wrote:
>>
>>                             Try to send a screenshot of your nessus
>>                             server through the web page to see if
>>                             somwthing else is wrong. The function that
>>                             I sent you is an api function for nessus
>>                             rest interface to get the name of the
>>                             scanner in nessus server and it is
>>                             compared against the name in your nessus
>>                             configuration file that you just provided
>>                             me. You need to make sure that both of
>>                             them match.
>>
>>                             Best regards
>>
>>                             El 3 ago. 2017 11:52 AM, "Akala Kehinde"
>>                             <kehindeak...@gmail.com
>>                             <mailto:kehindeak...@gmail.com>> escribió:
>>
>>                                 Hello Juan,
>>
>>                                 Another error yet again:)
>>
>>                                 Aug  3 18:19:24 egelsbach pfqueue:
>>                                 pfqueue(22876) INFO:
>>                                 [mac:44:8a:5b:43:55:02] New ID
>>                                 generated: 1501777164175502
>>                                 (pf::util::generate_id)
>>                                 Aug  3 18:19:25 egelsbach pfqueue:
>>                                 pfqueue(22876) WARN:
>>                                 [mac:44:8a:5b:43:55:02] Use of
>>                                 uninitialized value $scanner_id in
>>                                 string eq at
>>                                 /usr/local/pf/lib/pf/scan/nessus6.pm
>>                                 <http://nessus6.pm> line 107.
>>                                  (pf::scan::nessus6::startScan)
>>                                 Aug  3 18:19:25 egelsbach pfqueue:
>>                                 pfqueue(22876) WARN:
>>                                 [mac:44:8a:5b:43:55:02] Use of
>>                                 uninitialized value $scanner_id in
>>                                 concatenation (.) or string at
>>                                 /usr/local/pf/lib/pf/scan/nessus6.pm
>>                                 <http://nessus6.pm> line 108.
>>                                  (pf::scan::nessus6::startScan)
>>                                 Aug  3 18:19:25 egelsbach pfqueue: Use
>>                                 of uninitialized value $scanner_id in
>>                                 string eq at
>>                                 /usr/local/pf/lib/pf/scan/nessus6.pm
>>                                 <http://nessus6.pm> line 107.
>>                                 Aug  3 18:19:25 egelsbach pfqueue: Use
>>                                 of uninitialized value $scanner_id in
>>                                 concatenation (.) or string at
>>                                 /usr/local/pf/lib/pf/scan/nessus6.pm
>>                                 <http://nessus6.pm> line 108.
>>                                 Aug  3 18:19:25 egelsbach pfqueue:
>>                                 pfqueue(22876) WARN:
>>                                 [mac:44:8a:5b:43:55:02] Nessus scanner
>>                                 name doesn't exist
>>                                  (pf::scan::nessus6::startScan)
>>                                 Aug  3 18:19:25 egelsbach
>>                                 packetfence_httpd.webservices:
>>                                 httpd.webservices(22080) WARN:
>>                                 [mac:44:8a:5b:43:55:02] Use of
>>                                 uninitialized value in pattern match
>>                                 (m//) at
>>                                 /usr/local/pf/lib/pf/violation.pm
>>                                 <http://violation.pm> line 792.
>>                                  (pf::violation::violation_close)
>>                                 Aug  3 18:19:25 egelsbach
>>                                 packetfence_httpd.webservices:
>>                                 httpd.webservices(22080) WARN:
>>                                 [mac:44:8a:5b:43:55:02] Use of
>>                                 uninitialized value $max in numeric le
>>                                 (<=) at
>>                                 /usr/local/pf/lib/pf/violation.pm
>>                                 <http://violation.pm> line 800.
>>                                  (pf::violation::violation_close)
>>
>>                                 The scanner name actually do exist in
>>                                 the scan.conf file.
>>
>>                                 [MAWOH_NESSUS_SCAN]
>>                                 ip=127.0.0.1
>>                                 duration=30s
>>                                 categories=guest,staff
>>                                 port=8843
>>                                 registration=1
>>                                 username=nessusadmin
>>                                 post_registration=1
>>                                 password=password
>>                                 pre_registration=1
>>                                 oses=1
>>                                 nessus_clientpolicy=testpolicy
>>                                 type=nessus6
>>                                 scannername=testscan
>>                                 .
>>
>>
>>                                 Regards,
>>                                 Kehinde
>>
>>                                 On Thu, Aug 3, 2017 at 6:02 PM, Juan
>>                                 Camilo Valencia
>>                                 <juan.valen...@seguratec.com.co
>>                                 <mailto:juan.valen...@seguratec.com.co>>
>>                                 wrote:
>>
>>                                     Hi Kehinde,
>>
>>                                     in Nessus6.pm change this line,
>>
>>                                     my $scanner_id =
>>                                     $nessus->get_scan_id(name =>
>>                                     $scanner_name);
>>
>>                                     for
>>
>>                                     my $scanner_id =
>>                                     $nessus->get_scanner_id(name =>
>>                                     $scanner_name);
>>
>>
>>                                     You were right, in the past I send
>>                                     you a mismatch function however
>>                                     should be working for what i saw
>>                                     in the rest.pm <http://rest.pm>
>>                                     file. Does not make so much sense
>>                                     the error, but try to restart pf
>>                                     at every change,
>>
>>                                     perl apparently loads in memory
>>                                     its functions, so if you change
>>                                     the file is not going to be take
>>                                     until you reload the library. I'll
>>                                     hope this tine I catch it.
>>
>>                                     Best Regards,
>>
>>
>>                                     2017-08-03 10:50 GMT-05:00 Akala
>>                                     Kehinde <kehindeak...@gmail.com
>>                                     <mailto:kehindeak...@gmail.com>>:
>>
>>                                         Hello Juan,
>>
>>                                         See attached...
>>
>>                                         Regards,
>>                                         Kehinde
>>
>>                                         On Thu, Aug 3, 2017 at 5:42
>>                                         PM, Juan Camilo Valencia
>>                                         <juan.valen...@seguratec.com.co
>>                                         <mailto:juan.valencia@segurate
>> c.com.co>>
>>                                         wrote:
>>
>>                                             HI,
>>
>>                                             Just to be sure, please
>>                                             attach the nessus6.pm
>>                                             <http://nessus6.pm> file
>>                                             and your current REST.pm
>>                                             file to see where is the
>>                                             problem should be
>>                                             something so simple that
>>                                             we are missing,
>>
>>                                             Best Regards,
>>
>>                                             2017-08-03 10:20 GMT-05:00
>>                                             Akala Kehinde
>>                                             <kehindeak...@gmail.com
>>                                             <mailto:
>> kehindeak...@gmail.com>>:
>>
>>                                                 Hi Juna,
>>
>>                                                 Even after adding the
>>                                                 funtion you sent
>>                                                 before and after I
>>                                                 reinstalled, I still
>>                                                 got the "Unknown
>>                                                 scanner at
>>                                                 /usr/local/pf/lib/pf/scan/
>> nessus6.pm
>>                                                 <http://nessus6.pm>
>>                                                 line 123." error.
>>
>>                                                 Regards,
>>                                                 Kehinde
>>
>>                                                 On Thu, Aug 3, 2017 at
>>                                                 5:18 PM, Akala Kehinde
>>                                                 <kehindeak...@gmail.com
>>                                                 <mailto:
>> kehindeak...@gmail.com>>
>>                                                 wrote:
>>
>>                                                     Hello Juan,
>>
>>                                                     Reinstalled the
>>                                                     REST.rpm file from
>>                                                     the url you sent.
>>                                                     IT is the same as
>>                                                     what I had before
>>                                                     and not from a
>>                                                     different repo.
>>                                                     But still got the
>>                                                     smae errors I did
>>                                                     from the begiining
>>                                                     starting from line
>>                                                     96 in the
>>                                                     nessus.pm
>>                                                     <http://nessus.pm>
>>                                                     file.
>>
>>                                                     I'm thinking
>>                                                     there's a mismatch
>>                                                     of variables or
>>                                                     function names
>>                                                     between the
>>                                                     nessus.pm
>>                                                     <http://nessus.pm>
>>                                                     and REST.rpm files.
>>
>>                                                     Regards,
>>                                                     Kehinde
>>
>>                                                     On Thu, Aug 3,
>>                                                     2017 at 4:28 PM,
>>                                                     Juan Camilo
>>                                                     Valencia
>>                                                     <
>> juan.valen...@seguratec.com.co
>>                                                     <mailto:
>> juan.valen...@seguratec.com.co>>
>>                                                     wrote:
>>
>>                                                         Hi Akala,
>>
>>                                                         Again is your
>>                                                         REST.pm file
>>                                                         what is
>>                                                         creating all
>>                                                         the problems,
>>                                                         and probably
>>                                                         it will
>>                                                         continue, so
>>                                                         please delete
>>                                                         the last
>>                                                         chanes you did
>>                                                         in the
>>                                                         Nessus6.pm, an
>>                                                         go to your
>>                                                         REST.pm and
>>                                                         add this function,
>>
>>                                                         sub
>>                                                         get_scanner_id {
>>                                                             my ($self,
>>                                                         %params) = @_;
>>
>>                                                             croak
>>                                                         "missing name
>>                                                         parameter"
>>                                                         unless
>>                                                         $params{name};
>>
>>                                                             my
>>                                                         $scanner =
>>                                                         first {
>>                                                         $_->{name} eq
>>                                                         $params{name}}
>>
>> $self->list_scanners();
>>                                                         return unless
>>                                                         $scanner;
>>                                                         return
>>                                                         $scanner->{id};
>>                                                         }
>>
>>                                                         This should
>>                                                         fix that
>>                                                         error, but
>>                                                         probably you
>>                                                         are going to
>>                                                         have another
>>                                                         problems... if
>>                                                         it fix all the
>>                                                         Nessus issues
>>                                                         whit this
>>                                                         changes taht
>>                                                         will be great,
>>                                                         however I
>>                                                         strongly
>>                                                         recommend go
>>                                                         to
>>
>> https://inverse.ca/downloads/PacketFence/CentOS7/x86_64/RPMS/
>>                                                         <
>> https://inverse.ca/downloads/PacketFence/CentOS7/x86_64/RPMS/>
>>                                                         and look for
>>                                                         perl-Nessus-REST
>>                                                         rpm file and
>>                                                         reinstall it
>>                                                         in your system
>>                                                         that should
>>                                                         fix every
>>                                                         problem
>>                                                         related whit
>>                                                         Nessus.
>>
>>                                                         Best regards,
>>
>>                                                         2017-08-03
>>                                                         9:01 GMT-05:00
>>                                                         Akala Kehinde
>>                                                         <
>> kehindeak...@gmail.com
>>                                                         <mailto:
>> kehindeak...@gmail.com>>:
>>
>>                                                             Hello JUan,
>>
>>                                                             Still
>>                                                             doesn't
>>                                                             work when
>>                                                             I tried
>>                                                             somethn
>>                                                             like this:
>>
>>                                                             # my
>>                                                             $scan_name
>>                                                             =
>>
>> "pf-".$hostaddr."-".$nessus_clientpolicy;
>>                                                                 my
>>                                                             $scan_name
>>                                                             =
>>                                                             "pftestscan";
>>                                                                 my
>>                                                             $scan_id =
>>
>> $nessus->create_scan(
>>
>>
>>                                                             Regards,
>>                                                             Kehinde
>>
>>                                                             On Thu,
>>                                                             Aug 3,
>>                                                             2017 at
>>                                                             3:32 PM,
>>                                                             Juan
>>                                                             Camilo
>>                                                             Valencia
>>                                                             <
>> juan.valen...@seguratec.com.co
>>                                                             <mailto:
>> juan.valen...@seguratec.com.co>>
>>                                                             wrote:
>>
>>                                                                 Hi Akala,
>>
>>                                                                 Let me
>>                                                                 check
>>                                                                 the
>>                                                                 code
>>                                                                 again,
>>                                                                 in the
>>                                                                 past
>>                                                                 you
>>                                                                 can
>>                                                                 connect
>>                                                                 several
>>                                                                 Nessus
>>                                                                 servers
>>                                                                 between
>>                                                                 them
>>                                                                 and in
>>                                                                 a
>>                                                                 centralize
>>                                                                 way
>>                                                                 send a
>>                                                                 scan
>>                                                                 at
>>                                                                 local
>>                                                                 server
>>                                                                 and
>>                                                                 specify
>>                                                                 a
>>                                                                 remote
>>                                                                 nessus
>>                                                                 instance,
>>                                                                 so
>>                                                                 that
>>                                                                 is the
>>                                                                 reason
>>                                                                 because
>>                                                                 you
>>                                                                 have
>>                                                                 that
>>                                                                 variable
>>                                                                 of the
>>                                                                 nessus
>>                                                                 scanner
>>                                                                 name.
>>                                                                 Make
>>                                                                 sure
>>                                                                 that
>>                                                                 variable
>>                                                                 is
>>                                                                 initialize
>>                                                                 at the
>>                                                                 beginning
>>                                                                 of the
>>                                                                 code
>>                                                                 with a
>>                                                                 value,
>>                                                                 if I'm
>>                                                                 not
>>                                                                 wrong
>>                                                                 is
>>                                                                 default,
>>                                                                 which
>>                                                                 nessus
>>                                                                 takes
>>                                                                 like
>>                                                                 the
>>                                                                 default
>>                                                                 server.
>>                                                                 However
>>                                                                 if you
>>                                                                 have a
>>                                                                 particular
>>                                                                 name,
>>                                                                 change
>>                                                                 the
>>                                                                 variable
>>                                                                 for
>>                                                                 the
>>                                                                 name
>>                                                                 of the
>>                                                                 nessus
>>                                                                 scanner.
>>
>>                                                                 In the
>>                                                                 meanwhile
>>                                                                 I will
>>                                                                 be
>>                                                                 reviewing
>>                                                                 what
>>                                                                 other
>>                                                                 things
>>                                                                 could
>>                                                                 be
>>                                                                 wrong
>>                                                                 with this.
>>
>>                                                                 Best
>>                                                                 regards,
>>
>>                                                                 El 3
>>                                                                 ago.
>>                                                                 2017
>>                                                                 8:07
>>                                                                 AM,
>>                                                                 "Akala
>>                                                                 Kehinde"
>>                                                                 <
>> kehindeak...@gmail.com
>>                                                                 <mailto:
>> kehindeak...@gmail.com>>
>>                                                                 escribió:
>>
>>                                                                     Hello
>>                                                                     Juan,
>>
>>
>> Changed
>>                                                                     the
>>                                                                     line
>>                                                                     and
>>                                                                     it
>>
>> worked,
>>                                                                     but
>>                                                                     not
>>                                                                     iuntil
>
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to