Thursday, December 29, 2005

Nessus info

To run Nessus and nmap effectively:
Version 3.0 came out in Dec 2005.

If you get errors on startup, like:
Nasl binary storage: ... bad address
(This can happen if the daemon was killed while it was still starting up and registering its plugins.) Then kill nessusd and restart it with -R:
/sbin/service nessusd stop
(or just kill it)
and run
/opt/nessus/sbin/nessusd -R
Then start the daemon normally:
/sbin/service nessusd start
or
/opt/nessus/sbin/nessusd -D

When scanning with input read from nmap, Nessus now only reads grepable (-oG) files. So run nmap like this:
nmap -sS -sV -O -p 1-65535 -P0 -oG myhost.out myhost
Then when you run the Nessus client (/usr/local/bin/NessusClient) you can select the file in the nasl plugin section. Specify the file, and make sure it's readable by the client. I left the rest there as defaults but removed the "ping remote host first" option in the next section down, under the nmap (Nasl wrapper) section.

Then when you specify the targets in Nessus in the target section, put them in as a range, e.g. 1.2.3.4-10. I haven't had luck putting it as a network with a /28 or whatever.

nmap has an option to output into several major file formats at once (-oA). It's worth it to use that so you have the results in something you can read as well as use for nessus input.

So the command to use is:
nmap -sS -sV -O -oA myhost.out -P0 -p 1-65535 myhost
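
An added example, not part of the original post: a Python check of the grepable file before handing it to Nessus (with -oA myhost.out the grepable copy is myhost.out.gnmap), plus a helper that rewrites a small network such as a /28 in the range form used above. The function names open_ports and cidr_to_range and the sample scan text are assumptions made for illustration.

```python
import ipaddress

# Constructed sample of nmap -oG output (not from a real scan).
SAMPLE_GNMAP = (
    "# constructed header: nmap -sS -sV -O -oA myhost.out -P0 -p 1-65535 1.2.3.4-5\n"
    "Host: 1.2.3.4 (myhost)\tPorts: 22/open/tcp//ssh//OpenSSH 4.2/, "
    "80/open/tcp//http//Apache httpd/, 113/closed/tcp//auth///\tOS: Linux 2.6\n"
    "Host: 1.2.3.5 ()\tStatus: Up\n"
    "Host: 1.2.3.5 ()\tPorts: 25/filtered/tcp//smtp///\n"
    "# Nmap done\n"
)


def open_ports(gnmap_text):
    """Map each host address to a sorted list of (port, proto, service) marked open."""
    result = {}
    for line in gnmap_text.splitlines():
        if not line.startswith("Host: "):
            continue  # comment lines start with '#'
        fields = line.split("\t")  # grepable fields are tab-separated
        addr = fields[0].split()[1]
        result.setdefault(addr, [])
        for field in fields[1:]:
            if not field.startswith("Ports: "):
                continue
            for entry in field[len("Ports: "):].split(","):
                # entry layout: port/state/protocol/owner/service/rpcinfo/version/
                parts = entry.strip().split("/")
                if len(parts) >= 5 and parts[0].isdigit() and parts[1] == "open":
                    result[addr].append((int(parts[0]), parts[2], parts[4]))
    return {host: sorted(ports) for host, ports in result.items()}


def cidr_to_range(cidr):
    """Rewrite an IPv4 /24../32 network in first-last form, e.g. 1.2.3.0-15."""
    net = ipaddress.ip_network(cidr, strict=False)
    if net.version != 4 or net.prefixlen < 24:
        raise ValueError("only IPv4 /24 to /32 fit in a last-octet range")
    first, last = str(net.network_address), str(net.broadcast_address)
    if first == last:
        return first  # a /32 is a single host
    return first + "-" + last.rsplit(".", 1)[1]


if __name__ == "__main__":
    for host, ports in open_ports(SAMPLE_GNMAP).items():
        print(host, ports if ports else "no open ports recorded")
    print(cidr_to_range("1.2.3.0/28"))
```

A host that shows up with no open ports here is worth a second look before scanning, since Nessus will be relying on this file for its port list.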

Miscellaneous:
When you update the plugins, kill the daemon first and restart it. I read that otherwise, the daemon won't know about the new plugins.