Couple more points: (5) The .audit policies are really the best way. I took the "long road" because I wanted the plugin output to cite our security policy, point the reader to our policy server, and produce detailed output about precisely what was wrong (and what was right).
(6) The scripts have a copyright line, but there's no copyright. Feel free to use/abuse them however you want. When I catch up to Mike Vasquez in "giving back to the community," maybe I'll be less sharing ;) (7) The CVSS score/codes are all made-up. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Scherff Sent: Thursday, July 17, 2008 9:25 AM To: Adrian Raduti; [EMAIL PROTECTED] Cc: [email protected] Subject: RE: antivirus_installed.nasl Here you go Adrian and Mike. A few important points: 0) These go in the /opt/nessus/lib/nessus/plugins directory. 1) I goofed on the choice of plugin IDs (I chose the 9xxxx range, but custom plugins are supposed to be in the 6xxxx range, I think). 2) There's a perl script included that grabs the last three AV signature dates from Symantec. This script should be used like this to refresh the 24hr_savce_01.inc file: get-symantec-sigs.pl > /opt/nessus/var/nessus/plugins/24hr_savce_01.inc 3) The whole thing requires that you scan Windows systems with an account that can read the registry. 4) Please take the 24 Hour Fitness references out of the scripts before you use them. Good luck, John Scherff IT Security Manager 24 Hour Fitness -----Original Message----- From: Adrian Raduti [mailto:[EMAIL PROTECTED] Sent: Thursday, July 17, 2008 8:53 AM To: John Scherff Subject: RE: antivirus_installed.nasl Sure, please send me yours. I feel this will also help me in better learning the language. Appreciate your help Adrian On Thu, 2008-07-17 at 08:41 -0700, John Scherff wrote: > They're highly customized for our environment, but if you send me a > list of exactly what you need, I'll write a custom plugin for you (may > take a couple days... pretty busy over here). Or I can just send you > ours and let you hack them to fit your needs. _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
