Running nessus on freebsd...



I'm trying to get nessus set up for doing some internal security
checking. I installed the ports for nessus and nessus-plugins,
and everything worked as expected. I then registered for the
full feed of plugins, which got me up to over 10,000 plugins.
I restarted nessus, and it didn't work at all. I am running
without X11, so I'm doing batch runs. I already have nmap
installed, so I assume nessus is using that.

After much futzing around, and some arbitrary trial-and-error
guessing, I found that I could get nessus to work reasonably
well by cutting the number of plugins down to just under 3,400.
I did this by first lopping off all plugins for 'hpux', then all
plugins for 'solaris*x86*', and so-on, and so-on, etc. Basically
removing checks for OSes that I know I will not be checking,
except that I also had to remove a bunch of samba-related
checks which I really should probably keep.

I should note that the server always starts up fine, but
running the client results in messages such as:
*** The daemon shut down the communication
*** nessus: nessusd abruptly shut the communication \
down - the test may be incomplete
and then the server is off spinning in some CPU loop, and
the client is doing nothing much. This happens before the
server has sent any packets to the target host.

I could obviously provide more details about what errors I'm
seeing, but it seems odd to me that I'm having problems with
so many plugins, and yet a quick skim of various mailing lists
doesn't show anyone else having these problems.

I had been running 6.x-stable as of about a month ago, so I
updated my machine to the status as of this morning, and that
didn't seem to help much. I'm running on a single-CPU Athlon
(i386, not amd64) machine.

Are other people here running nessus (2.2.6) with the "registered
plugins"? (not the commercial registration).

--
Garance Alistair Drosehn = gad@xxxxxxxxxxxxxxxxxxxx
Senior Systems Programmer or gad@xxxxxxxxxxx
Rensselaer Polytechnic Institute or drosih@xxxxxxx
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"


