On Mon, Oct 27, 2003 at 09:12:16PM -0000, Dave Wray wrote:

> 1. What are each of the numbers in the scanner_set section of .nessusrc,
> specifically 10180, 10331, 10335, 10336, 10796, 11219, 11840. 

These are the plugin ids for plugins categorized as scanners.  You can 
learn more about most plugins by visiting:

    http://cgi.nessus.org/plugins/dump.php3?id=<plugin id>

where <plugin id> is replaced by the plugin id; e.g., for 10335:

    http://cgi.nessus.org/plugins/dump.php3?id=10335

> 2. Do the settings family of plugins require to be edited to configure them,
> or do they simply read the .nessusrc file to obtain settings?

The latter.

> 3. How does Nessus interface with Nikto? Does Nikto need to be in a specific
> directory?

Nessus tries to find external programs such as Nikto and nmap by
searching the path each time it starts.  If the programs are found, the
plugin is available to be used; otherwise, you won't see it. 

> 4. How does Nessus interface with Hydra? Does Hydra need to be in a
> specific directory?

I'm not quite sure.  Nessus appears to come with a version of Hydra
which is installed as a plugin. 

> 5. Can someone explain exactly what the web mirroring feature does? Is the
> mirror image used by Nessus to reduce network bandwidth, or is it stored for
> human review? If so where is it stored?

?

> 6. In my 2.08a .nessusrc there are multiple instances of the line:
> 
> HTTP login page [entry]: Login form fields: = user=%USER%&PASS = %PASS%
> 
> Where do the variables USER and PASS get set and why so many entries (I
> count four identical entries)

This is a long-standing bug; see
<http://bugs.nessus.org/show_bug.cgi?id=279>. 

George
-- 
[EMAIL PROTECTED]
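
Added example, not part of the original message and not Nessus code: a small Python audit of a .nessusrc that lists the scanner plugin ids with their description URLs, counts repeated lines such as the one in question 6, and checks whether external tools resolve on the PATH. The begin(...)/end(...) section layout, the yes/no values, the sample file and the executable names nikto and nmap are assumptions.

```python
import re
import shutil
from collections import Counter

# Constructed sample. The begin(...)/end(...) section layout and the
# "<id> = yes|no" form are assumptions; the page does not show them.
SAMPLE = """\
begin(SCANNER_SET)
 10180 = yes
 10331 = no
 10335 = yes
end(SCANNER_SET)
begin(PLUGINS_PREFS)
 HTTP login page [entry]: Login form fields: = user=%USER%&PASS = %PASS%
 HTTP login page [entry]: Login form fields: = user=%USER%&PASS = %PASS%
 HTTP login page [entry]: Login form fields: = user=%USER%&PASS = %PASS%
 HTTP login page [entry]: Login form fields: = user=%USER%&PASS = %PASS%
end(PLUGINS_PREFS)
"""

def parse_sections(text):
    """Return {section name: [non-empty stripped lines]}."""
    sections, current = {}, None
    for line in map(str.strip, text.splitlines()):
        marker = re.fullmatch(r"(begin|end)\((\w+)\)", line)
        if marker:
            current = marker.group(2) if marker.group(1) == "begin" else None
        elif current and line:
            sections.setdefault(current, []).append(line)
    return sections

def scanner_plugins(sections):
    """Map each plugin id in SCANNER_SET to (enabled, description URL)."""
    url = "http://cgi.nessus.org/plugins/dump.php3?id={}"  # URL from the message
    result = {}
    for line in sections.get("SCANNER_SET", []):
        key, _, value = line.partition("=")
        if key.strip().isdigit():
            result[int(key)] = (value.strip().lower() == "yes", url.format(int(key)))
    return result

def duplicate_lines(sections):
    """Lines that appear more than once within a section, with counts."""
    return {name: {l: n for l, n in Counter(lines).items() if n > 1}
            for name, lines in sections.items()}

def tools_on_path(names=("nikto", "nmap")):  # executable names are assumptions
    """Resolve each external tool on PATH; None means it was not found."""
    return {name: shutil.which(name) for name in names}
```

A tool that maps to None in tools_on_path() was not found on the PATH of the account running the check, which is the condition under which the reply says the corresponding plugin will not be offered.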
