Albert, The best way to check local vulnerabilities using nessus would be to install a nessus server on the LAN you want to test and control it from a nessus client on the outside. For this you would have to open up port 1241 (or whatever port the nessus server is using) to access the nessus server with your nessus client.
This would be a good solution since the server would have direct access to the LAN. However, you make a point in programming a plugin (using NASL or C) to remotely access a server - seems to me this is similar to supplying windows credentials to check a Windows Domain (altough this isn't performed remotely). You could even extend it by having a plugin that contacts a remote nessus server installation that can perform vulnerability testing on a remote LAN, not just on the server you want to test. ideas, ideas... any one with a follow-up? what do you all think about this? I followed a friends advise, I turned this answer into a question. cheers! -oscar > Hello list! > > I am interested in verifying remotely some local UNIX vulnerabilities using > > nessus plugins, the reason why I need that plugins is to connect to some > terminal service (telnet, ssh, remote shell) and execute some commands in the > > analyzed host. > > I have readed the NASL documentation but I haven't seen that is possible to > > make terminal connections easily, because is necessary to code ssh or telnet > > clients using NASL (I have also readed the document that show how to write > plugins in C, but I am not sure if it works on current version). > > Well... My question is ?what do you think that is the best way to check > local > vulnerabilities using nessus? or ?is better to code a simple local C program > > and don't use nessus to do it? > > Thank's u guys! :) > > -- > ----------------------------------------------------------------------- > Albert Puigsech Galicia > InetSecur - Incident Response Team // esCERT-UPC > > C/ Jordi Girona, 29 > Edificio Nexus II, Planta I, Zona B > 08034 Barcelona - Españ> Telf.: +34 934137947, +34 934137948 > Fax.: +34 934017055 > ----------------------------------------------------------------------- > Este e-mail puede contener informacióonfidencial y/o privilegiada. > Si el presente mensaje no va dirigido a su persona (o lo ha recibido > por error) por favor, notifíelo inmediatamente al emisor y destruya > este e-mail. Cualquier divulgació copia o distribucióo autorizada > del material contenido en este e-mail queda prohibida. > > _______________________________________________ > Nessus mailing list > [EMAIL PROTECTED] > http://mail.nessus.org/mailman/listinfo/nessus > ---------------------------------------------------------------- Servicio de correo - Universidad Galileo - Guatemala _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
