05 Returns

Well, you’ll eventually get down to this. Execute the session you created. It will take a while depending on your settings. If you want something to do during this time, you could log in to the linux console and run “top” and watch nessusd bounce all over the utilization table. Or you could go wax your car–up to you. The status window is pretty self-explanitory.

By the way, if you don’t want the Execution Options to pop up each time you run a scan, go back into the properties of the session and on the Options Tab, click on “Don’t show execution options at session execution”.

When it’s done, you’ll be taken to the “Manage Results” dialog. You can also get here anytime by selecting a session with a single mouse-click and hitting F3 (or Session | Manage Reults). Don’t forget to select a session, though, or it won’t do anything and won’t tell you why it isn’t doing anything. From Manage Results you can select a session ID and View, or save it out to HTML with the Report button, or Export to MySQL should you choose to do so.

And that’s about it. I can’t tell you what to do with the results beyond research.

However, if you want to schedule this, you can make a batch file to do so. One thing about this though, it seems like the connection is much more touchy with the batch file than while inside the GUI.

Case-in-point: I had an old 10MB HP switch connecting these two test machines. They could connect and scan and do whatever I wanted within the GUI interface. No problems apparent. However, I could not make the batch mode work–the log said that it was authenticating fine, but “connection initialization timed out”. Very frustrating.

I was actually to the point of chucking the whole thing and I logged out of fedora completely. But I thought I’d try it one more time…the fedora console started going nuts, barfing up bad packets. I have no idea why it would log that to the console when no one was logged on, but I’m glad it did. Classic media-type missmatch (autonegotiation failure). I popped my little 100MB traveling switch in there, and suddenly batch mode worked. I’m assuming that Fedora has the NIC locked into 100MB Full Duplex or something…this old HP is only able to do 10MB Half.

Anyway, that’s the story, Morning Glory. I have a co-worker hacking on the source code of NessusWX so that it automatically exports to MySQL. This is a huge hole in the functionality of the client–you can schedule scans with batchmode scripting, but the information just sits there until you click the export button. If we can get this changed (at least in batch mode), I’ll post the binaries. Don’t hold your breath

Anyway, good luck. Remember–I am not a linux or nessus expert, so you probably won’t get earth-shattering answers to questions on either.

I’d give the process 3 out of 5 tree chickens.

Popularity: 1% [?]