-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Last night I succeeded in creating an XSLT 2 file that will transform the policies.xml file into a properly formatted .nessusrc file. This is for the policies.xml file created by the Nessus GUI Client for linux and Windows (v 3.0.0 Beta 3)(NOT the client that is included with the Windows version of Nessus 3.0.6).
What does this do? It allows me to use a GUI client from Windows to select the plugins and settings I desire, then, using the XSLT file I created and a free XSLT2 engine such as from Altova, or SaxonB, generate a .nessusrc file to be placed on the Solaris 3.0.6 server. I then run the update-nessusrc script (with parameters to enable ONLY the plugins I want enabled) and now I can run a specific commandline nessus scan (or use cron to schedule it) based upon different .nessusrc files and store all results on the server (rather than my workstation). One drawback with the v 3.0.0 Beta 3 GUI client for Windows/Linux is that there do not appear to be input boxes for setting certain preferences such as "non_simult_ports", etc. like the GUI client that comes with the Windows version of Nessus 3.0.6. This just means that the resulting .nessusrc file will require a little "personal touch" if you wish to avoid using the default values for these particular parameters. When I have a little more time, I think I will do the same thing for the Windows GUI client so I can use either one for generating .nessusrc files. It's nice to know that the newer versions use xml so we can work around issues such as no GTK gui client for Solaris <grin>. As for managing reports, etc. setting up the directory structures mentioned in a previous email, and using nessus from the commandline has allowed me to ensure all reports end up where I want them (on the secured server) rather than on whatever Windows workstaion I use to run the GUI client. Access to reports such as these should be restricted, and the files encrypted and backed up for historical reporting and disaster recovery purposes anyway. This is our current solution. I know some people use a database to store results, but time and budget constraints sometimes requires us to look at alternative solutions. Next steps: Add a secure web server to the mix and an "Admin" screen to allow me to pick the scan results file I wish to view along with the type of view I wish to see (by Risk Factor, By Host, By Vulnerability, etc.). We are unable to spend the money on a commercial solution so we must do this "the hard way" <grin>. Personally, I hate re-inventing the wheel, but again, sometimes financial resources are unavailable (but apparently "time" is....yeah, right!) When all is said and done, perhaps I will have to write a "How I Did It, by Viktor Frankenstein" type of guide <grin>. John Olson, CISSP -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.6 (Build 6060) iQEVAwUBRx4lSNczbpxETmLMAQgQ3ggAwUVchYPIhToTkgWqIVZV5iF2SbB+G8y+ qBsSVCnPo2ee+ltWgoyVfQbK/0f1WcGy+pEZzUuWnczy57H20JlvISNlPgmcjVy3 cefXoHySjJWSz1v9BL4sTy9hW0nDVFzSo4SWd6xEBjY8nT3QdNEAZQnzhK99R9+1 NU/TnYmOhipyUkdkiSTIj7xzeC7J5OUI58bT12YSmaAACjJRjdDsRd5rB0H+0XKq 7WbQipwHNwZzGBQxVRf3/SyOoTPFCL/tMc8FL5/PpMc7EQFKPToTls/mjWlAcMjl 6OsGlMWVFDSRUO0E9QwzlPGy6Kt8sHPSxH06eIYbXFvT3LJ3wf3+tQ== =l94/ -----END PGP SIGNATURE----- This e-mail message is being sent solely for use by the intended recipient(s) and may contain confidential information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by phone or reply by e-mail, delete the original message and destroy all copies. Thank you. _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
