Ok, does nessus run on 127.0.0.1:8834 ? Regards Fabrice
Le 2015-02-18 13:07, Delisle, Pierre-Luc a écrit : > The result is : > Nessus-6.2.1-es6.x64_64 > perl-Net-Nessus-XMLRPC-0.40-1.el6.noarch > > Thanks > > _____________________________ > Pierre-Luc Delisle > Département d'assurance qualité > Quality assurance department > Hewlett-Packard Networking > [email protected] > Téléphone: (514) 920-2511 T > Hewlett-Packard Company > 2344 Alfred-Nobel, 2e étage > Montréal, QC, H4S 0A4 > Canada > > > > -----Original Message----- > From: Fabrice DURAND [mailto:[email protected]] > Sent: Wednesday, February 18, 2015 12:59 PM > To: [email protected] > Subject: Re: [PacketFence-users] PacketFence ZEN 4.6.0 with Nessus 6.2.1 - > Cannot configure scan on registration > > Can you paste me the result of: > > rpm -qa|grep Nessus > > or > dpkg -i|grep nessus > > Thanks > Fabrice > > Le 2015-02-18 12:37, Delisle, Pierre-Luc a écrit : >> Thanks a lot for your answer. >> >> I've modified the pf.conf file according to your description. Unfortunately, >> when I restart the packetfence service (service packetfence restart), the >> config file revert back to this : >> >> [general] >> # >> # general.domain >> # >> # Domain name of PacketFence system. >> domain=secure.LAN >> # >> # general.hostname >> # >> # Hostname of PacketFence system. This is concatenated with the domain in >> Apache rewriting rules and therefore must be resolvable by clients. >> hostname=centos-packetfence >> >> [trapping] >> # >> # trapping.range >> # >> # Comma-delimited list of address ranges/CIDR blocks that PacketFence >> will monitor/detect/trap on. Gateway, network, and # broadcast addresses >> are ignored. >> range=192.168.0.0/16 >> >> [alerting] >> # >> # alerting.emailaddr >> # >> # Email address to which notifications of rogue DHCP servers, >> violations with an action of "email", or any other # PacketFence-related >> message goes to. >> [email protected] >> >> [scan] >> # >> # scan.engine >> # >> # Which scan engine to use to perform client-side policy compliance. >> engine=nessus >> # >> # scan.registration >> # >> # If this option is enabled, the PF system will scan each host after # >> registration is complete. >> registration=enabled >> # >> # scan.duration >> duration=15s >> # >> # scan.user >> # >> # Username to log into scanning engine with. >> user=administrator >> # >> # scan.pass >> # >> # Password to log into scanning engine with. >> pass=79Lubonja >> # >> # scan.nessus_clientpolicy >> # >> # Name of the remote policy on the nessus server >> nessus_clientpolicy=BasicNetScan >> >> [database] >> # >> # database.pass >> # >> # Password for the mysql database used by PacketFence. >> pass=79Lubonja >> >> [captive_portal] >> # >> # captive_portal.secure_redirect >> # >> # If secure_redirect is enabled, the captive portal uses HTTPS when >> redirecting # captured clients. This is the default behavior. >> secure_redirect=disabled >> >> [interface eth0.3058] >> ip=172.16.0.20 >> type=management >> mask=255.255.0.0 >> >> [interface eth0.3158] >> enforcement=inlinel2 >> ip=192.168.0.20 >> type=internal >> mask=255.255.0.0 >> >> >> >> I guess it discards the default value. >> >> I tried this config and still no scan is running in nessus and I still have >> the same fatal error in packetfence.log. >> >> _____________________________ >> Pierre-Luc Delisle >> Département d'assurance qualité >> Quality assurance department >> Hewlett-Packard Networking >> [email protected] >> Téléphone: (514) 920-2511 T >> Hewlett-Packard Company >> 2344 Alfred-Nobel, 2e étage >> Montréal, QC, H4S 0A4 >> Canada >> >> >> >> -----Original Message----- >> From: Fabrice DURAND [mailto:[email protected]] >> Sent: Wednesday, February 18, 2015 11:42 AM >> To: [email protected] >> Subject: Re: [PacketFence-users] PacketFence ZEN 4.6.0 with Nessus >> 6.2.1 - Cannot configure scan on registration >> >> Hello Pierre-Luc, >> >> it look like it miss stuff in your scan definition (host): >> >> [scan] >> # >> # scan.engine >> # >> # Which scan engine to use to perform client-side policy compliance. >> engine=nessus >> # >> # scan.duration >> # >> # Approximate duration of a scan. User being scanned on registration are >> presented a progress bar # for this duration, afterwards the browser >> refreshes until scan is complete. >> duration=15s >> # >> # scan.host >> # >> # Host the scanning engine is running on. For performance reasons, we # >> recommend running the scanning engine on a remote server. A passthrough will >> # be automagically created. >> host=10.0.0.1 >> # >> # scan.user >> # >> # Username to log into scanning engine with. >> user=administrator >> # >> # scan.pass >> # >> # Password to log into scanning engine with. >> pass=XXXXXXXXXXXXXXXXXXX #hidden >> # >> # scan.nessus_clientpolicy >> # >> # Name of the remote policy on the nessus server >> nessus_clientpolicy=BasicNetScan >> >> >> Regards >> Fabrice >> >> >> Le 2015-02-18 11:34, Delisle, Pierre-Luc a écrit : >>> Hi, >>> >>> >>> >>> It's been two days that I am trying to configure automatic system >>> scan on registration for PacketFence with Nessus and it doesn't work. >>> >>> >>> >>> So far, here is the setup : >>> >>> >>> >>> VM : PacketFence ZEN 4.6.0 + Nessus 6.2.1 >>> >>> Enforcement : Inline Enforcement >>> >>> Inline network : 192.168.0.0/16 >>> >>> Management network : 172.16.0.0/16 >>> Server IP : 172.16.0.20/16 >>> >>> >>> >>> Pf.conf file : >>> >>> >>> >>> [general] >>> >>> # >>> >>> # general.domain >>> >>> # >>> >>> # Domain name of PacketFence system. >>> >>> domain=secure.LAN >>> >>> # >>> >>> # general.hostname >>> >>> # >>> >>> # Hostname of PacketFence system. This is concatenated with the >>> domain in Apache rewriting rules and therefore must be resolvable by >>> clients. >>> >>> hostname=centos-packetfence >>> >>> >>> >>> [trapping] >>> >>> # >>> >>> # trapping.range >>> >>> # >>> >>> # Comma-delimited list of address ranges/CIDR blocks that PacketFence >>> will monitor/detect/trap on. Gateway, network, and >>> >>> # broadcast addresses are ignored. >>> >>> range=192.168.0.0/16 >>> >>> # >>> >>> # trapping.detection >>> >>> # >>> >>> # Enables snort-based worm detection. If you don't have a span >>> interface available, don't bother enabling it. If you do, >>> >>> # you'll most definately want this on. >>> >>> detection=enabled >>> >>> >>> >>> [alerting] >>> >>> # >>> >>> # alerting.emailaddr >>> >>> # >>> >>> # Email address to which notifications of rogue DHCP servers, >>> violations with an action of "email", or any other >>> >>> # PacketFence-related message goes to. >>> >>> [email protected] >>> >>> >>> >>> [scan] >>> >>> # >>> >>> # scan.engine >>> >>> # >>> >>> # Which scan engine to use to perform client-side policy compliance. >>> >>> engine=nessus >>> >>> # >>> >>> # scan.user >>> >>> # >>> >>> # Username to log into scanning engine with. >>> >>> user=administrator >>> >>> # >>> >>> # scan.pass >>> >>> # >>> >>> # Password to log into scanning engine with. >>> >>> pass=XXXXXXXXXXXXXXXXXXX #hidden >>> >>> # >>> >>> # scan.nessus_clientpolicy >>> >>> # >>> >>> # Name of the remote policy on the nessus server >>> >>> nessus_clientpolicy=BasicNetScan >>> >>> >>> >>> [database] >>> >>> # >>> >>> # database.pass >>> >>> # >>> >>> # Password for the mysql database used by PacketFence. >>> >>> pass=79Lubonja >>> >>> >>> >>> [captive_portal] >>> >>> # >>> >>> # captive_portal.secure_redirect >>> >>> # >>> >>> # If secure_redirect is enabled, the captive portal uses HTTPS when >>> redirecting >>> >>> # captured clients. This is the default behavior. >>> >>> secure_redirect=disabled >>> >>> >>> >>> [interface eth0.3058] >>> >>> ip=172.16.0.20 >>> >>> type=management >>> >>> mask=255.255.0.0 >>> >>> >>> >>> [interface eth0.3158] >>> >>> enforcement=inlinel2 >>> >>> ip=192.168.0.20 >>> >>> type=internal >>> >>> mask=255.255.0.0 >>> >>> >>> >>> >>> >>> network.conf >>> >>> >>> >>> [192.168.0.0] >>> >>> dns=192.168.1.1 >>> >>> dhcp_start=192.168.0.10 >>> >>> gateway=192.168.0.20 >>> >>> domain-name=inlinel2.secure.LAN >>> >>> nat_enabled=enabled >>> >>> named=enabled >>> >>> dhcp_max_lease_time=86400 >>> >>> fake_mac_enabled=disabled >>> >>> dhcpd=enabled >>> >>> dhcp_end=192.168.255.246 >>> >>> type=inlinel2 >>> >>> netmask=255.255.0.0 >>> >>> dhcp_default_lease_time=86400 >>> >>> >>> >>> >>> >>> violation.conf is untouched (default). >>> >>> >>> >>> >>> >>> Nessus service is up and running. I can log in and everything works. >>> >>> >>> >>> In packetfence.log, I have this line : >>> >>> >>> >>> Feb 18 11:16:32pfcmd.pl(14072) FATAL: Can't use string ("") as a HASH >>> ref while "strict refs" in use at >>> /usr/share/perl5/vendor_perl/Net/Nessus/XMLRPC.pm line 665. >>> >>> >>> >>> >>> >>> What's wrong with my setup. >>> >>> >>> >>> It's been 15+ hours I try this and get always the same result and I >>> don't know what to do. >>> >>> >>> >>> Thank you very much for any help you can provide. >>> >>> >>> >>> >>> >>> Pierre-Luc Delisle >>> >>> >>> >>> --------------------------------------------------------------------- >>> - >>> -------- Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT >>> Server from Actuate! Instantly Supercharge Your Business Reports and >>> Dashboards with Interactivity, Sharing, Native Excel Exports, App >>> Integration & more Get technology previously reserved for >>> billion-dollar corporations, FREE >>> http://pubads.g.doubleclick.net/gampad/clk?id=190641631&iu=/4140/ostg. >>> clktrk >>> >>> >>> _______________________________________________ >>> PacketFence-users mailing list >>> [email protected] >>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >> -- >> Fabrice Durand >> [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca >> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and >> PacketFence (http://packetfence.org) >> >> >> ---------------------------------------------------------------------- >> -------- Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT >> Server from Actuate! Instantly Supercharge Your Business Reports and >> Dashboards with Interactivity, Sharing, Native Excel Exports, App >> Integration & more Get technology previously reserved for >> billion-dollar corporations, FREE >> http://pubads.g.doubleclick.net/gampad/clk?id=190641631&iu=/4140/ostg. >> clktrk _______________________________________________ >> PacketFence-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users > > -- > Fabrice Durand > [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. > :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence > (http://packetfence.org) > > > ------------------------------------------------------------------------------ > Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server > from Actuate! Instantly Supercharge Your Business Reports and Dashboards > with Interactivity, Sharing, Native Excel Exports, App Integration & more > Get technology previously reserved for billion-dollar corporations, FREE > http://pubads.g.doubleclick.net/gampad/clk?id=190641631&iu=/4140/ostg.clktrk > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org)
0xF78F957E.asc
Description: application/pgp-keys
------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=190641631&iu=/4140/ostg.clktrk
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
