Rajiv Ranjan wrote:
> Hello folks,

No need to crosspost this to all the lists!

> we need to know the details about NESSUS vulnerability scanner.
> Like.

Most of your questions are answered already in mailing list archives.
You don't seem to have made any effort of answering them yourself.

> 1. The ARCHITECTURE of nessus(nessus client and daemon).

Please check out http://www.nessus.org/documentation/ and read the
information there. You will easily see that Nessus uses a Client -
Server architecture, where the server is always a UNIX system (Nessus is
available in source form and has been compiled by users for many
different OSes, although it's typically Linux) and the client can be a
UNIX system (if using the GTK gui), a Windows system (if using
NessusX) or a web browser (if using Inprotect and similar www frontends).

> 2. How nessus is using different O/S tools like, NMAP, HYDRA..

Calls them with options, parses results. Browse the code of the
non-NASL plugins at
http://cvsweb.nessus.org/cgi-bin/viewcvs.cgi/nessus-plugins/plugins/
You will see that Nessus does support Nmap, Hydra, Nikto and Whisker
(if they are installed in the nessus server).

> 3. Which module is responsible for what? means which module of nessus is
> interacting with NMAP, which is for HYDRA and HOW?

Check the code above.

> 4. Which module is responsible for customization to scan.

¿?

> 5. How to write plug in for nessus and also enable and disable the
> plug-in(not by using UI)

a) Read the NASL documentation.
b) Read the manpage of nessusrc

> 6. How to customize the report generation of nessus.

a) Read the documentation related to the nbe format
b) Roll out your own scripts that parse the nbe

> 7. How can one integrate nessus with IDS to correlate the report and
> alert to reduce false alert.

a) Extract the CVE references from plugins
b) Correlate with CVE references from IDS
c) Prioritise those IDS alerts with CVE references that match Nessus

Note: Neither Nessus nor Snort are CVE-compatible (yet) but they do
have CVE references.

> 8. How each and every module is interacting with each-other.

In many ways (usually through the knowledge base)

> I have searched the net to know the whole
> architecture but didn't get much info. If you know or
> have some relevant documents then Please let me know.

You have not done enough search, please try again.

Javier
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
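
The steps in answers 6 and 7 (parse the nbe, extract CVE references, prioritise IDS alerts that match), as an added example that is not part of the original message or of Nessus itself. It assumes the pipe-delimited NBE layout `results|subnet|host|port|plugin_id|severity|description`; the hosts, plugin ids, alert ids and CVE ids are constructed placeholders, and `cves_by_host` and `prioritise` are hypothetical names.

```python
import re
from collections import defaultdict

CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")

# Constructed sample data (placeholder hosts, plugin ids and CVE ids).
# Assumed NBE layout: results|subnet|host|port|plugin_id|severity|description
NBE_SAMPLE = """\
timestamps|||scan_start|Mon Jan 10 10:00:00 2005|
results|192.0.2|192.0.2.10|http (80/tcp)|99001|Security Hole|Constructed finding\\nCVE : CVE-0000-0001, CVE-0000-0002
results|192.0.2|192.0.2.10|ssh (22/tcp)|99002|Security Note|Banner only, no CVE reference
results|192.0.2|192.0.2.20|smtp (25/tcp)|99003|Security Warning|Constructed finding\\nCVE : CVE-0000-0003
results|192.0.2|192.0.2.30|general/tcp
"""

# Constructed IDS alerts: (alert id, destination host, CVE references).
IDS_ALERTS = [
    ("sid-1", "192.0.2.10", ["CVE-0000-0001"]),  # CVE was found on this host
    ("sid-2", "192.0.2.20", ["CVE-0000-0001"]),  # CVE not found on this host
    ("sid-3", "192.0.2.20", ["CVE-0000-0003"]),
    ("sid-4", "192.0.2.10", []),                 # nothing to correlate on
]


def cves_by_host(nbe_text):
    """Map host -> set of CVE ids referenced by the findings for that host."""
    found = defaultdict(set)
    for line in nbe_text.splitlines():
        # maxsplit keeps any '|' inside the description field intact
        fields = line.split("|", 6)
        if fields[0] != "results" or len(fields) < 7:
            continue  # timestamps, open-port-only rows, truncated lines
        found[fields[2]].update(CVE_RE.findall(fields[6]))
    return found


def prioritise(alerts, host_cves):
    """Tag an alert 'high' when a CVE it references was found on its target."""
    ranked = []
    for sid, host, cves in alerts:
        matched = sorted(set(cves) & host_cves.get(host, set()))
        ranked.append((sid, host, "high" if matched else "low", matched))
    # Stable sort: confirmed matches first, original order otherwise
    return sorted(ranked, key=lambda r: r[2] != "high")


if __name__ == "__main__":
    for row in prioritise(IDS_ALERTS, cves_by_host(NBE_SAMPLE)):
        print(row)
```

An alert ranked "low" here only means the scan did not report that CVE on the target; it is not evidence that the alert is false.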