One issue that I've run into with something like this is that I can't find a way to escape hyphens in host names in the target list to Nessus. So the names with hyphens are interpreted as ranges.
I see I can build a .nessus file that'll handle the issue. But it's a lot more work to build the .nessus file from my host list. One could just use IPs, except I'm scanning some named virtual hosts, which require using the name. I really want to have a cron job that runs at, say, 4 am, that does my scan. And this is the hold up.

Any ideas?

John

[EMAIL PROTECTED] wrote:
>
> Here's one approach that may give you a starting point.
> -----------------------------------------------------------
> For each /24 on your network (class C)
>   - Ping sweep / Nmap sweep / etc.... across current subnet
>   - parse result file (e.g. perl) to build a nessus host file of
>     devices that are up.
>   - Nessus scan of that subnet
>   - next subnet
>
> - Problems with this approach
>   - Devices can be turned off by the time they are scanned.
>   - Devices that do not respond on the port/protocol you are using to
>     determine they are up.
>
> There are variations on this approach to include the size of the
> subnet, using a Full NMap and assume hosts are up, etc.....
>
> ----------------------------------------------------
> Mike Sleeper CISSP, CCSE, CCFS
> Computer & Information Security
> ----------------------------------------------------
>
> ************* DISCLAIMER ***********************************
> The above comments are my own and do not
> necessarily represent those of my employer or
> contractor. Any information or advice provided by
> me shall be given under the "caveat emptor" principle.
> *****************************************************************
>
> "Rathbun, Dan" <[EMAIL PROTECTED]>
> Sent by: [EMAIL PROTECTED]
> 03/24/2008 08:26 AM
>
> To: <[email protected]>
> cc:
> Subject: How to produce a list of target subnets?
>
> Greetings,
>
> I am trying to figure out the best way to produce a comprehensive list
> of subnets on our global network in order to feed it into Nessus. Due
> to the size of our network and the dynamic nature of it, a new list
> really ought to be generated at least quarterly…if not monthly. I
> have tried simply pulling a routing table off one of the core routers,
> but the resulting file requires too much reformatting to make it fit
> for this use. There has to be an easier way!
>
> I wonder if any of you have found a convenient approach to dealing
> with this requirement? If so, would you be willing to share your
> lessons learned? Thanks.
>
> Dan Rathbun
> Information Security Director
> CISSP, GSLC and GSEC Certified
> AECOM
> 515 South Flower Street, 4th Floor
> Los Angeles, CA 90071-2201
> p. 978.930.5656
> e. [EMAIL PROTECTED]
> http://www.linkedin.com/in/drathbun
> _______________________________________________
> Nessus mailing list
> [email protected]
> http://mail.nessus.org/mailman/listinfo/nessus

--
John Gray
[EMAIL PROTECTED]
AgoraNet, Inc.
(302) 224-2475
(302) 224-2552 (fax)
314 E. Main Street, Suite 1
Newark, De 19711
http://www.agora-net.com
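
The sweep-then-parse step from the quoted approach, combined with a check for the hyphenated names described at the top of this message, as an added example that is not part of the original thread. It assumes the sweep result is Nmap grepable output (`nmap -sn -oG`); the function name, the sample data and the choice to flag rather than rewrite hyphenated names are all assumptions made for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample of Nmap grepable output (nmap -sn -oG); not real scan data.
SAMPLE_GNMAP = (
    "# Nmap scan initiated (constructed sample)\n"
    "Host: 10.1.2.15 (web-01.example.com)\tStatus: Up\n"
    "Host: 10.1.2.7 ()\tStatus: Up\n"
    "Host: 10.1.2.99 ()\tStatus: Down\n"
    "Host: 10.1.3.20 (db.example.com)\tStatus: Up\n"
    "Host: 10.1.2.15 (web-01.example.com)\tStatus: Up\n"
    "# Nmap done\n"
)

# Only hosts reported as up; group 1 = address, group 2 = reverse-DNS name (may be empty).
HOST_UP = re.compile(r"^Host:\s+(\S+)\s+\(([^)]*)\)\s+Status:\s+Up\b")


def build_target_lists(gnmap_text, prefix=24):
    """Return ({subnet: [ip, ...]}, [hyphenated hostnames]) from a ping sweep."""
    by_subnet = defaultdict(set)
    hyphenated = set()
    for line in gnmap_text.splitlines():
        match = HOST_UP.match(line)
        if not match:
            continue  # comment lines, hosts that are down, anything malformed
        try:
            addr = ipaddress.ip_address(match.group(1))
        except ValueError:
            continue
        subnet = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
        by_subnet[str(subnet)].add(addr)  # set membership removes duplicate hosts
        # Names containing '-' are the ones the thread reports being read as ranges.
        if "-" in match.group(2):
            hyphenated.add(match.group(2))
    targets = {net: [str(a) for a in sorted(addrs)]
               for net, addrs in sorted(by_subnet.items())}
    return targets, sorted(hyphenated)


if __name__ == "__main__":
    targets, flagged = build_target_lists(SAMPLE_GNMAP)
    for net, ips in targets.items():
        print(f"{net}: {','.join(ips)}")
    for name in flagged:
        print(f"needs separate handling (hyphen in name): {name}")
```

The per-subnet IP lists can be written one file per /24 for a scheduled scan; the flagged names are the ones that cannot go into a plain target list as-is.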
