Can you paste me the result of: rpm -qa|grep Nessus
or dpkg -i|grep nessus Thanks Fabrice Le 2015-02-18 12:37, Delisle, Pierre-Luc a écrit : > Thanks a lot for your answer. > > I've modified the pf.conf file according to your description. Unfortunately, > when I restart the packetfence service (service packetfence restart), the > config file revert back to this : > > [general] > # > # general.domain > # > # Domain name of PacketFence system. > domain=secure.LAN > # > # general.hostname > # > # Hostname of PacketFence system. This is concatenated with the domain in > Apache rewriting rules and therefore must be resolvable by clients. > hostname=centos-packetfence > > [trapping] > # > # trapping.range > # > # Comma-delimited list of address ranges/CIDR blocks that PacketFence will > monitor/detect/trap on. Gateway, network, and > # broadcast addresses are ignored. > range=192.168.0.0/16 > > [alerting] > # > # alerting.emailaddr > # > # Email address to which notifications of rogue DHCP servers, violations with > an action of "email", or any other > # PacketFence-related message goes to. > [email protected] > > [scan] > # > # scan.engine > # > # Which scan engine to use to perform client-side policy compliance. > engine=nessus > # > # scan.registration > # > # If this option is enabled, the PF system will scan each host after > # registration is complete. > registration=enabled > # > # scan.duration > duration=15s > # > # scan.user > # > # Username to log into scanning engine with. > user=administrator > # > # scan.pass > # > # Password to log into scanning engine with. > pass=79Lubonja > # > # scan.nessus_clientpolicy > # > # Name of the remote policy on the nessus server > nessus_clientpolicy=BasicNetScan > > [database] > # > # database.pass > # > # Password for the mysql database used by PacketFence. > pass=79Lubonja > > [captive_portal] > # > # captive_portal.secure_redirect > # > # If secure_redirect is enabled, the captive portal uses HTTPS when > redirecting > # captured clients. This is the default behavior. > secure_redirect=disabled > > [interface eth0.3058] > ip=172.16.0.20 > type=management > mask=255.255.0.0 > > [interface eth0.3158] > enforcement=inlinel2 > ip=192.168.0.20 > type=internal > mask=255.255.0.0 > > > > I guess it discards the default value. > > I tried this config and still no scan is running in nessus and I still have > the same fatal error in packetfence.log. > > _____________________________ > Pierre-Luc Delisle > Département d'assurance qualité > Quality assurance department > Hewlett-Packard Networking > [email protected] > Téléphone: (514) 920-2511 T > Hewlett-Packard Company > 2344 Alfred-Nobel, 2e étage > Montréal, QC, H4S 0A4 > Canada > > > > -----Original Message----- > From: Fabrice DURAND [mailto:[email protected]] > Sent: Wednesday, February 18, 2015 11:42 AM > To: [email protected] > Subject: Re: [PacketFence-users] PacketFence ZEN 4.6.0 with Nessus 6.2.1 - > Cannot configure scan on registration > > Hello Pierre-Luc, > > it look like it miss stuff in your scan definition (host): > > [scan] > # > # scan.engine > # > # Which scan engine to use to perform client-side policy compliance. > engine=nessus > # > # scan.duration > # > # Approximate duration of a scan. User being scanned on registration are > presented a progress bar # for this duration, afterwards the browser > refreshes until scan is complete. > duration=15s > # > # scan.host > # > # Host the scanning engine is running on. For performance reasons, we # > recommend running the scanning engine on a remote server. A passthrough will > # be automagically created. > host=10.0.0.1 > # > # scan.user > # > # Username to log into scanning engine with. > user=administrator > # > # scan.pass > # > # Password to log into scanning engine with. > pass=XXXXXXXXXXXXXXXXXXX #hidden > # > # scan.nessus_clientpolicy > # > # Name of the remote policy on the nessus server > nessus_clientpolicy=BasicNetScan > > > Regards > Fabrice > > > Le 2015-02-18 11:34, Delisle, Pierre-Luc a écrit : >> Hi, >> >> >> >> It's been two days that I am trying to configure automatic system scan >> on registration for PacketFence with Nessus and it doesn't work. >> >> >> >> So far, here is the setup : >> >> >> >> VM : PacketFence ZEN 4.6.0 + Nessus 6.2.1 >> >> Enforcement : Inline Enforcement >> >> Inline network : 192.168.0.0/16 >> >> Management network : 172.16.0.0/16 >> Server IP : 172.16.0.20/16 >> >> >> >> Pf.conf file : >> >> >> >> [general] >> >> # >> >> # general.domain >> >> # >> >> # Domain name of PacketFence system. >> >> domain=secure.LAN >> >> # >> >> # general.hostname >> >> # >> >> # Hostname of PacketFence system. This is concatenated with the >> domain in Apache rewriting rules and therefore must be resolvable by >> clients. >> >> hostname=centos-packetfence >> >> >> >> [trapping] >> >> # >> >> # trapping.range >> >> # >> >> # Comma-delimited list of address ranges/CIDR blocks that PacketFence >> will monitor/detect/trap on. Gateway, network, and >> >> # broadcast addresses are ignored. >> >> range=192.168.0.0/16 >> >> # >> >> # trapping.detection >> >> # >> >> # Enables snort-based worm detection. If you don't have a span >> interface available, don't bother enabling it. If you do, >> >> # you'll most definately want this on. >> >> detection=enabled >> >> >> >> [alerting] >> >> # >> >> # alerting.emailaddr >> >> # >> >> # Email address to which notifications of rogue DHCP servers, >> violations with an action of "email", or any other >> >> # PacketFence-related message goes to. >> >> [email protected] >> >> >> >> [scan] >> >> # >> >> # scan.engine >> >> # >> >> # Which scan engine to use to perform client-side policy compliance. >> >> engine=nessus >> >> # >> >> # scan.user >> >> # >> >> # Username to log into scanning engine with. >> >> user=administrator >> >> # >> >> # scan.pass >> >> # >> >> # Password to log into scanning engine with. >> >> pass=XXXXXXXXXXXXXXXXXXX #hidden >> >> # >> >> # scan.nessus_clientpolicy >> >> # >> >> # Name of the remote policy on the nessus server >> >> nessus_clientpolicy=BasicNetScan >> >> >> >> [database] >> >> # >> >> # database.pass >> >> # >> >> # Password for the mysql database used by PacketFence. >> >> pass=79Lubonja >> >> >> >> [captive_portal] >> >> # >> >> # captive_portal.secure_redirect >> >> # >> >> # If secure_redirect is enabled, the captive portal uses HTTPS when >> redirecting >> >> # captured clients. This is the default behavior. >> >> secure_redirect=disabled >> >> >> >> [interface eth0.3058] >> >> ip=172.16.0.20 >> >> type=management >> >> mask=255.255.0.0 >> >> >> >> [interface eth0.3158] >> >> enforcement=inlinel2 >> >> ip=192.168.0.20 >> >> type=internal >> >> mask=255.255.0.0 >> >> >> >> >> >> network.conf >> >> >> >> [192.168.0.0] >> >> dns=192.168.1.1 >> >> dhcp_start=192.168.0.10 >> >> gateway=192.168.0.20 >> >> domain-name=inlinel2.secure.LAN >> >> nat_enabled=enabled >> >> named=enabled >> >> dhcp_max_lease_time=86400 >> >> fake_mac_enabled=disabled >> >> dhcpd=enabled >> >> dhcp_end=192.168.255.246 >> >> type=inlinel2 >> >> netmask=255.255.0.0 >> >> dhcp_default_lease_time=86400 >> >> >> >> >> >> violation.conf is untouched (default). >> >> >> >> >> >> Nessus service is up and running. I can log in and everything works. >> >> >> >> In packetfence.log, I have this line : >> >> >> >> Feb 18 11:16:32pfcmd.pl(14072) FATAL: Can't use string ("") as a HASH >> ref while "strict refs" in use at >> /usr/share/perl5/vendor_perl/Net/Nessus/XMLRPC.pm line 665. >> >> >> >> >> >> What's wrong with my setup. >> >> >> >> It's been 15+ hours I try this and get always the same result and I >> don't know what to do. >> >> >> >> Thank you very much for any help you can provide. >> >> >> >> >> >> Pierre-Luc Delisle >> >> >> >> ---------------------------------------------------------------------- >> -------- Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT >> Server from Actuate! Instantly Supercharge Your Business Reports and >> Dashboards with Interactivity, Sharing, Native Excel Exports, App >> Integration & more Get technology previously reserved for >> billion-dollar corporations, FREE >> http://pubads.g.doubleclick.net/gampad/clk?id=190641631&iu=/4140/ostg. >> clktrk >> >> >> _______________________________________________ >> PacketFence-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users > > -- > Fabrice Durand > [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. > :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence > (http://packetfence.org) > > > ------------------------------------------------------------------------------ > Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server > from Actuate! Instantly Supercharge Your Business Reports and Dashboards > with Interactivity, Sharing, Native Excel Exports, App Integration & more > Get technology previously reserved for billion-dollar corporations, FREE > http://pubads.g.doubleclick.net/gampad/clk?id=190641631&iu=/4140/ostg.clktrk > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org)
0xF78F957E.asc
Description: application/pgp-keys
------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=190641631&iu=/4140/ostg.clktrk
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
