Running nessusd on one of the Knoppix-based Linux distributions will start with a fairly secure base and significantly reduce the rebuild overhead if the system is successfully compromised. Two I know of are at http://www.localareasecurity.com and http://www.knoppix-std.org. If running the client locally is possible/acceptable, a USB flash drive provides convenient nonvolatile storage for plugins, target lists and scanner output.
Jay Jacobson wrote:
If your Nessus client is also on the "inside" network, then you can block 1241/tcp externally, as that is the only port the Nessus server listens on accepting connections from Nessus clients.
~Jay
On Wed, 21 Apr 2004, Michael Scheidell wrote:
allow ip any any?
Does anyone have an example of an IPTables filtering list under Redhat that can be used with Nessus?
I'm sorry if this is a little off topic.
I have had some problems using Nessus and NAT (for external scans), so
I'm thinking of putting the Nessus scanner on the outside segment of our
network. I would like to set up IPTables so the machine is not completely
vulnerable to the outside.
put it on outside interface, start nessus with -a {ip} option (using inside ip address), MAYBE use -S option with outside ip address.
that way, nessus will only be listening on the internal interface.
Anything else and you will interfere with nessus
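An added example, not written by any poster in this thread: a shell function that emits an `iptables-restore` ruleset following the two points made above, namely that 1241/tcp is the only port nessusd needs to accept connections on, and that outbound scan traffic should be left unfiltered. The interface name `eth1` and client network `192.168.1.0/24` are constructed sample values.

```shell
#!/bin/sh
# Added example: ruleset generator for a scanner host on an outside segment.
# Assumptions (not from the thread): the host has a separate inside
# interface, and Nessus clients live on one known inside network.

# nessus_rules INSIDE_IF CLIENT_NET
# Prints an iptables-restore ruleset on stdout; returns 1 on bad arguments.
nessus_rules() {
    inside_if=$1
    client_net=$2
    # Refuse anything that is not a plain interface name or CIDR string,
    # so stray shell or rule syntax never ends up in the ruleset.
    case $inside_if in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface: $inside_if" >&2; return 1 ;;
    esac
    case $client_net in
        ''|*[!0-9./]*) echo "bad network: $client_net" >&2; return 1 ;;
    esac
    cat <<EOF
*filter
# Inbound is closed by default; outbound is open so scans are not altered.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
# Replies to the scanner's own probes come back as ESTABLISHED or RELATED.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Nessus clients reach nessusd on 1241/tcp, from the inside network only.
-A INPUT -i $inside_if -s $client_net -p tcp --dport 1241 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Print the ruleset for the constructed sample values.
nessus_rules eth1 192.168.1.0/24
```

Pipe the output to `iptables-restore` as root to load it. Large scans create many tracked connections, so watch the kernel log for connection-tracking table overflow messages, which would mean probe replies are being dropped.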
