From: Harald Thingelstad <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: nessusd: Bug reproduced - and invalid by license.
X-Mailer: reportbug 3.8
Date: Wed, 31 Aug 2005 19:30:56 +0200

Package: nessusd
Version: 2.2.3-3
Followup-For: Bug #310740



-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=no_NO, LC_CTYPE=no_NO (charmap=ISO-8859-1)

Versions of packages nessusd depends on:
ii  libc6                       2.3.2.ds1-22 GNU C Library: Shared libraries an
ii  libnasl2                    2.2.3-1      Nessus Attack Scripting Language,
ii  libnessus2                  2.2.3-1      Nessus shared libraries
ii  libssl0.9.7                 0.9.7e-3     SSL shared libraries
ii  libwrap0                    7.6.dbs-8    Wietse Venema's TCP wrappers libra
ii  nessus-plugins              2.2.3-1      Nessus plugins
ii  openssl                     0.9.7e-3     Secure Socket Layer (SSL) binary a

-- no debconf information

On a sarge installation behind a NAT firewall, from a clean slate:
(please excuse the language)

============================snippety==================================
[EMAIL PROTECTED]:~$ sudo aptitude install nessusd
Password:
E: /skole/tjener/home0/harald/.aptitude/config - Klarer ikke å åpne %s for å skrive til den (13 Ikke tilgang)
Leser pakkelister ... Ferdig
Skaper oversikt over avhengighetsforhold
Les utvidet tilstandsinformasjon
Oppdater pakkenes status ... Ferdig
Leser oppgavebeskrivelser ... Ferdig
Disse NYE pakkene vil bli installert automatisk:
  libnasl2 libsnmp-base libsnmp5 nessus-plugins snmp
Disse pakkene blir holdt tilbake:
  libfaac0
Disse NYE pakkene vil bli installert:
  libnasl2 libsnmp-base libsnmp5 nessus-plugins nessusd snmp
0 pakker oppgradert, 6 nylig installert, 0 skal fjernes og 1 skal ikke oppgraderes.
Trenger å hente 5070kB i installasjonspakker. Etter utpakking vil 18,3MB bli brukt.
Vil du fortsette? [J/n/?]
Skriv utvidet tilstandsinformasjon ... Ferdig
Hent:1 http://ftp.skolelinux.no sarge/main libnasl2 2.2.3-1 [96,9kB]
Hent:2 http://ftp.skolelinux.no sarge/main libsnmp-base 5.1.2-6.1 [1009kB]
Hent:3 http://ftp.skolelinux.no sarge/main libsnmp5 5.1.2-6.1 [1532kB]
Hent:4 http://ftp.skolelinux.no sarge/main nessus-plugins 2.2.3-1 [1416kB]
Hent:5 http://ftp.skolelinux.no sarge/main nessusd 2.2.3-3 [205kB]
Hent:6 http://ftp.skolelinux.no sarge/main snmp 5.1.2-6.1 [811kB]
Henta 5070kB på 16s (316kB/s)
Førehandsoppset pakkar ...
Velger den tidligere fravalgte pakken libnasl2.
(Leser database ... 145973 filer og kataloger er installerte.)
Pakker ut libnasl2 (fra .../libnasl2_2.2.3-1_i386.deb) ...
Velger den tidligere fravalgte pakken libsnmp-base.
Pakker ut libsnmp-base (fra .../libsnmp-base_5.1.2-6.1_all.deb) ...
Velger den tidligere fravalgte pakken libsnmp5.
Pakker ut libsnmp5 (fra .../libsnmp5_5.1.2-6.1_i386.deb) ...
Velger den tidligere fravalgte pakken nessus-plugins.
Pakker ut nessus-plugins (fra .../nessus-plugins_2.2.3-1_i386.deb) ...
Velger den tidligere fravalgte pakken nessusd.
Pakker ut nessusd (fra .../nessusd_2.2.3-3_i386.deb) ...
Velger den tidligere fravalgte pakken snmp.
Pakker ut snmp (fra .../snmp_5.1.2-6.1_i386.deb) ...
Setter opp libnasl2 (2.2.3-1) ...

Setter opp libsnmp-base (5.1.2-6.1) ...
Setter opp libsnmp5 (5.1.2-6.1) ...

Setter opp nessus-plugins (2.2.3-1) ...

Setter opp nessusd (2.2.3-3) ...
/var/lib/nessus/private/CA created
/var/lib/nessus/CA created

-------------------------------------------------------------------------------
                        Creation of the Nessus SSL Certificate
-------------------------------------------------------------------------------

This script will now ask you the relevant information to create the SSL
certificate of Nessus. Note that this information will *NOT* be sent to
anybody (everything stays local), but   anyone with the ability to connect to
your Nessus daemon will be able to retrieve this information.


CA certificate life time in days [1460]:
Server certificate life time in days[365]:
Your country (two letter code) [NO]:
Your state or province name [none]:
Your location (e.g. town) [Paris]: Oslo
Your organization [Nessus Users United]:FAIR

-------------------------------------------------------------------------------
                        Creation of the Nessus SSL Certificate
-------------------------------------------------------------------------------

Congratulations. Your server certificate was properly created.

/etc/nessus/nessusd.conf updated

The following files were created :

. Certification authority :
   Certificate = /var/lib/nessus/CA/cacert.pem
   Private key = /var/lib/nessus/private/CA/cakey.pem

. Nessus Server :
   Certificate = /var/lib/nessus/CA/servercert.pem
   Private key = /var/lib/nessus/private/CA/serverkey.pem

Press [ENTER] to exit


Setter opp snmp (5.1.2-6.1) ...
Leser pakkelister ... Ferdig
Skaper oversikt over avhengighetsforhold
Les utvidet tilstandsinformasjon
Oppdater pakkenes status ... Ferdig
Leser oppgavebeskrivelser ... Ferdig
[EMAIL PROTECTED]:~$ su -
Password:
static02:~# nessusd
Loading the plugins... 1479 (out of 2063)
---------------------------------------------------------------------------
You are running a version of Nessus which is not configured to receive
a full plugin feed. As a result, your security audits might produce
incomplete results.

To obtain a full plugin feed, you need to register your Nessus scanner
at the following URL :

               http://www.nessus.org/register/


--------------------------------------------------------------------------
All plugins loaded

Killed
static02:~# nessus-fetch --register XXXX-XXXX-XXXX-XXXX-XXXX
Unknown error while decoding HTTP response (http error code = 1073949445)
static02:~#


===========================snip================================

The XXXX-XXXX-XXXX-XXXX-XXXX is a fresh and valid serial number of
course.

The same problem does not come up when installing nessusd from sid,
however. Setup this time is:


-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.27-2-686
Locale: LANG=nb_NO, LC_CTYPE=nb_NO (charmap=ISO-8859-1)

Versions of packages nessusd depends on:
ii  libc6                         2.3.5-6    GNU C Library: Shared libraries an
ii  libnasl2                      2.2.5-2    Nessus Attack Scripting Language,
ii  libnessus2                    2.2.5-1    Nessus shared libraries
ii  libssl0.9.7                   0.9.7e-3   SSL shared libraries
ii  libwrap0                      7.6.dbs-8  Wietse Venema's TCP wrappers libra
ii  nessus-plugins                2.2.5-2    Nessus plugins
ii  openssl                       0.9.7e-3   Secure Socket Layer (SSL) binary a

No problems here.



But, as stated in the license for the 'registered plugin feed', which is
being used here:
"You agree to use the Plugins only in conjunction
with Nessus or NeWT vulnerability scanner programs obtained
directly from www.nessus.org or www.tenablesecurity.com and
registered with Tenable ('Registered Scanners')."

Debian packages are not allowed to be used with the registered download.
This bug only applies to practices not allowed by license.
As the nessus daemon and the first plugins are supposed to be downloaded
in short order, the problem might simply be that the registered plugins
aren't very backwards-compatible.



