I just wanted to lend my support to this idea. It would make things much easier when doing automated scans.
On Wed, Feb 06, 2002 at 03:30:48PM -0700, Pete Akre wrote: [snip] > The real issue is that as the plugins on the server change, the .nessusrc > file generated manually (either by the GUI or the CLI if that was > available) becomes very outdated very quickly. This means that for > unattended scans (i.e., from cron daily) I would have to launch the GUI > *every day* to re-generate a new .nessusrc file to incorporate that day's > plugin changes. [snip] > I think an easier way to "fix" this problem would be to allow plugins to > be specified by family in the .nessusrc file. For example, today it looks > like: [snip current config] > begin(PLUGIN_SET) > Backdoors Family = yes > CGI abuses Family = yes > Denial of Service Family = no > Finger abuses Family = yes > ... (continuing on with a line for every FAMILY instead of every plugin) > end(PLUGIN_SET) > > > Thus, a "yes" would indicate to use ALL the plugins in that family (even > the "dangerous" ones), while a "no" would indicate to use NONE of the > plugins in that family. I would add two things: first, allow as a separte option the ability to turn on/off dangerous plugins in all families. Second, how about making the whole family knob a default for that family. Then allowing individual plugins to be turned on or off as needed. so setting "Backdoors Family" = yes, but "SubSeven Check" = no would turn on all backdoor checks, except for SubSeven. (Note: I'm guessing at the name, I don't have access to a nessus server at the moment). This has the nice effect of making the configuration as simple as possible, while still allowing more complex configurations to be possible. > > I'm still curious how other people are solving this issue. I can't believe > (or maybe I'm just in denail :) that everyone is running the GUI *every > day* to re-generate a new up-to-date .nessusrc file. :) When I was running the stable branch, it seemed like nessus automatically turned on new plugins (except dangerous ones) when it was run. -- Devin Kowatch [EMAIL PROTECTED]
