[prev in list] [next in list] [prev in thread] [next in thread]
List: nessus
Subject: Re: Running NASL on command line returns no results on known
From: Erik Stephens <erik () edgeos ! com>
Date: 2004-10-28 15:18:19
Message-ID: 992D203E-28F4-11D9-B35E-000D932DF9DE () edgeos ! com
[Download RAW message or body]
On Oct 28, 2004, at 7:54 AM, Chuck Gwan wrote:
> OS of scanning host: Linux 2.4.21
> Nessus version: 2.0.12
>
> If I run a full nessus scan on "10.0.0.1", I get a lot of warnings and
> a couple of security holes listed. One of the security holes listed
> is generated by openssh_36.nasl. I am doing all of this from the
> command line.
>
> However, when I run:
>
> nasl -T /tmp/debug -t 10.0.0.1 openssh_36.nasl
>
> I get no output at all. Nasl just returns with a return value of 0.
> I have included the debug below. What should nasl be returning, I
> know this machine should trigger that rule. If I want to test a bunch
> of machines against a single nasl rule on the command line, what is
> the best way to do this?
That plugin seems to get the banner from the knowledge base:
banner = get_kb_item("SSH/banner/" + port);
Using nasl from the command line, the knowledge base is effectively
empty. This is a common gotcha when using nasl from command line: make
sure the plugin doesn't critically depend on the knowledge base.
Best regards,
Erik Stephens
www.edgeos.com
Managed Vulnerability
Assessment Services
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic