Re: nessus which plug'in reports which vulnerability?
From: Javier Fernandez-Sanguino (jfernandez_at_germinus.com)
Date: 02/23/04
- Previous message: Vel: "manipulating query strings"
- In reply to: cissper: "nessus which plug'in reports which vulnerability?"
- Next in thread: Pete Herzog: "RE: nessus which plug'in reports which vulnerability?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 23 Feb 2004 16:59:56 +0100 To: cissper <cissper@yahoo.com.au>
cissper wrote:
> Hi all
>
> Any ideas guys?
The Nessus HTML gives you a 'Nessus ID'[1] which is the plugin # for
Nessus. Check out http://cgi.nessus.org/plugins/dump.php3?id=XXXX
afterwards (I believe the HTML report has links to that)
You can also use the .nbe report use it to generate the HTML (or
generate both at the same time) and then parse the information from
the nbe as needed:
results|XXXXXX|XXXXX|www (80/tcp)|10330|Security Note|A web server is
running on this port\n
The 10330 is the find services plugin.
This question should have been directed to the nessus-users mailing
list better.
Regards
Javi
[1] Check out the sample at http://www.nessus.org/demo/report.html
---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.
Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.
Download 30-day evaluation at:
http://www.securityfocus.com/sponsor/Astaro_pen-test_040219
----------------------------------------------------------------------------
- Previous message: Vel: "manipulating query strings"
- In reply to: cissper: "nessus which plug'in reports which vulnerability?"
- Next in thread: Pete Herzog: "RE: nessus which plug'in reports which vulnerability?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
