Thanks to all for your suggestions and help...
Nicole
From: "Hemsley, Trevor" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Subject: RE: UPDATE: No results on linux client Date: Fri, 23 Apr 2004 09:45:45 +0100
Since you are using SuSE 9, make sure that you have run Yast Online Update to get all the latest patches from SuSE. The original kernel that shipped with SuSE 9.0 was badly broken as far as running Nessus was concerned and I believe that some of the patched versions that they have released since the original do actually fix the problems that were reported. I doubt if this would explain the difference between using NessusWX and the native client since both would be using the same server and be hitting the same bug(s) but it is still something that needs to be done in order to successfully run Nessus on a SuSE 9.0 box.
-----Original Message----- From: net sec [mailto:[EMAIL PROTECTED] Sent: 23 April 2004 03:37 To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: UPDATE: No results on linux client
I was able to determine by brute force trial that the particular toggle that
resulted in the blank report from the linux client was tcp()connect on the
Scan options port scanner tab. When I disable this option I do get report
results. HOWEVER, when scanning identical targets, I am still getting
differing results between nessusWX and the linux client. Namely, the
nessuswx client gives me MUCH more information and correctly identifies all
ports listening on the box (6) while the linux client only identifies 2
services and does not successfully scan with SMB credentials to identify
other vulnerabilities.
You're not likely to convince me that the native nessus client is not as
adept as nessuswx. I am struggling between two conclusions. 1) I am
missing some option/toggle on the linux side compared to the windows client.
2) Something is just hosed on my SuSE install and I should just backout the
install and re-do it.
I am leaning towards 2 but want some feedback. I am not getting any
'errors' when running the native client. It is a little difficult to do a
direct compare on options between the two clients due to the differences in
the interfaces.
Do I blow away my Nessus install and start from scratch? If so - what is the cleanest way to do this? Other ideas on why the native client doesn't seem to be providing complete reporting?
Thanks in advance for your ideas.....
Nicole
>From: "net sec" <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: No results on linux client
>Date: Thu, 22 Apr 2004 23:23:57 +0000
>
>I am running Nessus 2.10 on a SuSE linux 9 KDE 3.1. I am just beginning to
>use nessus and am trying to test/train by scanning a single client on the
>same subnet. When I use the nessus client from the linux box I get NO
>results in any of the windows. The Report window pops up after about 5
>seconds and all subwindows are empty (Subnet, Port, Severity and Host.). I
>have simultaneously done windump and tcpdump on the target PC and the
>nessus box during the test and I can seen that traffic is being sent and
>received from one box to the other.
>I have also installed the NessusWX client and HAVE successfully scanned the
>very same target getting results.
>
>The WX client is OK but there are two reasons I want to use the linux
>client. 1) I don't see any option to enable SMB credentials in order to do
>regristry scanning and 2) I will need to do scans at remote sites using my
>linux laptop so I need to be confident/familiar with the report output from
>this client. Am I missing something obvious regarding the output on the
>linux client? When I click on any of the drop down arrows on the empty
>report I noticed that the window left open when I started 'nessus' client
>reports 'Garbage is in the conditions'. FYI - I also tried a scan to
>another target on the same subnet with the same results.
>
>Any tips/help is appreciated.
>
>_________________________________________________________________
>>From must-see cities to the best beaches, plan a getaway with the Spring
>Travel Guide! http://special.msn.com/local/springtravel.armx
>
>_______________________________________________
>Nessus mailing list
>[EMAIL PROTECTED]
>http://mail.nessus.org/mailman/listinfo/nessus
_________________________________________________________________
Lose those love handles! MSN Fitness shows you two moves to slim your waist.
http://fitness.msn.com/articles/feeds/article.aspx?dept=exercise&article=et_pv_030104_lovehandles
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
__________________________________________________________________________ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos Origin group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. __________________________________________________________________________ _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar � get it now! http://toolbar.msn.com/go/onm00200415ave/direct/01/
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
