Greetings,
I have numerous requests to work with the output in Nessus. After
looking through the nessus.xsl file we use, and the output of the xml
files generated by nessus, it looks like adding a few tags could go a
long way in modifying reports. Below is some sample output from a
plugin, I've added tags that might be useful, they are in bold.
<information>
<severity>Security Note</severity>
<id>10263</id>
<data>
<synopsis>
Synopsis :
An SMTP server is listening on the remote port.
</synopsis>
<description>
Description :
The remote host is running a mail (SMTP) server on this port.
Since SMTP servers are the targets of spammers, it is
recommended you
disable it if you do not use it.
</description>
<solution>
Solution :
Disable this service if you do not use it, or filter incoming
traffic
to this port.
</solution>
<riskFacror>
Risk Factor:
None
</riskFactor>
<pluginOutput>
Plugin output :
Remote SMTP server banner :
220 <removed> Microsoft ESMTP MAIL Service, Version:
6.0.2600.2180 ready at Mon, 10 Dec 2007 23:38:34 +0530
</pluginOutput>
</data>
</information>
With these additional tags, one would be able to easily modify/create
additional tables and so forth in the existing nessus.xsl, or modify the
output as they require.
Any idea how I'd go about making this a formal feature request, or do
the devs monitor this list?
Thanks!
-----Message Disclaimer-----
This e-mail message is intended only for the use of the individual or
entity to which it is addressed, and may contain information that is
privileged, confidential and exempt from disclosure under applicable law.
If you are not the intended recipient, any dissemination, distribution or
copying of this communication is strictly prohibited. If you have
received this communication in error, please notify us immediately by
reply email to [EMAIL PROTECTED] and delete or destroy all copies of
the original message and attachments thereto. Email sent to or from the
Principal Financial Group or any of its member companies may be retained
as required by law or regulation.
Nothing in this message is intended to constitute an Electronic signature
for purposes of the Uniform Electronic Transactions Act (UETA) or the
Electronic Signatures in Global and National Commerce Act ("E-Sign")
unless a specific statement to the contrary is included in this message.
While this communication may be used to promote or market a transaction
or an idea that is discussed in the publication, it is intended to provide
general information about the subject matter covered and is provided with
the understanding that The Principal is not rendering legal, accounting,
or tax advice. It is not a marketed opinion and may not be used to avoid
penalties under the Internal Revenue Code. You should consult with
appropriate counsel or other advisors on all matters pertaining to legal,
tax, or accounting obligations and requirements.
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
