Thanks George for the info. One thing I noticed is that when I over-ride plugins using .nessusrc, nessus takes a much longer time than if I directly give the relevant plugins via mentioning a directory in the nessusd.conf file.
In fact, I tried running more than one nessusd deamon, instead of running a single nessusd deamon with a number of invokations of nessus clients. My question is: if one just forgets the overriding of plugins but instead runs a number of nessusd deamons each with a separate plugin directory (if one has a number of machines to test, and each with a different list of plugins), would there be any negative fall-outs? I can see a definite gain in speed in the above. Another related question: is there a way to test two different IP addresses each with a different set of plugins except via either 1) running nessus clients twice, or 2) via giving a HUP signal to nessusd and changing the list of plugins? Thanks, Samir Samir Kelekar, Pradnya Systems, Bangalore. > So, to override the plugins, is it necessary that each plugin mentioned via > nessusd.conf > have to be explicitely overriden via .nessusrc, by giving yes, and no under > begin(PLUGIN_SET)? Yes, plugins not listed in the client configuration file are enabled by default, except for dangerous plugins if safe checks are enabled. [Dangerous plugins are those in the categories destructive_attack, denial, and kill_host -- ie, those which "in theory" may harm targets.] You may wish to use my update-nessusrc script to make managing plugins in client configuration files easier -- you can enable / disable by category, family, risk level, and plugin ids. For more information, see <http://www.tifaware.com/perl/update-nessusrc/>. George ----- Original Message ----- From: "George Theall" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, August 26, 2003 4:58 PM Subject: Re: Question about overriding of plugins using .nessusrc
