Mailing List Archive

attack IDs in nessusd.messages?
Hi,

for some bookkeeping reason I'd like to know which attacks were
actually launched. Currently I'm parsing nessusd.messages for this
purpose. Is there a better solution for this?

Parsing nessusd.messages is also difficult because it only contains the
plugin names but not the plugin IDs. I patched nessusd locally to
include the IDs in the output. Any chance to include something like
this in the next release?

--nk


Index: nessus-core/nessusd/attack.c
===================================================================
RCS file: /usr/local/cvs/nessus-core/nessusd/attack.c,v
retrieving revision 1.142
diff -u -r1.142 attack.c
--- nessus-core/nessusd/attack.c 24 May 2002 10:37:04 -0000 1.142
+++ nessus-core/nessusd/attack.c 25 Jun 2002 00:32:44 -0000
@@ -202,9 +202,10 @@
(category == ACT_DESTRUCTIVE_ATTACK ||
category == ACT_DENIAL))
{
- log_write("user %s : Not launching %s against %s %s (this is not an error)\n",
+ log_write("user %s : Not launching %s<%d> against %s %s (this is not an error)\n",
attack_user_name(globals),
plugins->name,
+ (int)arg_get_value(arg_get_value(plugins->value, "plugin_args"), "ID"),
hostname,
"because safe checks are enabled");
return 0;
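Review bot: The added argument on the `+` line nests two arg_get_value() calls and casts the result straight to int, with no check that the "plugin_args" lookup succeeded. If that inner lookup returns NULL, the outer call is handed a NULL list, and the (int) cast of what appears to be a pointer-sized return value can truncate or warn on platforms where pointers are wider than int. Fetch the plugin args into a local first, check it, and log a fallback value such as -1 when the ID is not available.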
@@ -236,9 +237,10 @@
* ACT_SCANNER, ACT_GATHER_INFO, ACT_ATTACK and ACT_DENIAL
*/
if(preferences_log_whole_attack(preferences))
- log_write("user %s : Not launching %s against %s %s (this is not an error)\n",
+ log_write("user %s : Not launching %s<%d> against %s %s (this is not an error)\n",
attack_user_name(globals),
plugins->name,
+ (int)arg_get_value(arg_get_value(plugins->value, "plugin_args"), "ID"),
hostname,
"because it has already been launched in the past");

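Review bot: The ID lookup expression added in this log_write() call is identical to the one added in the other two log_write() calls of this patch. Move it into one small static helper in attack.c that takes `plugins` and returns the ID as an int, so the three call sites cannot drift apart and any NULL handling lives in one place.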
@@ -264,9 +266,10 @@


if(preferences_log_whole_attack(preferences))
- log_write("user %s : launching %s against %s [%d]\n",
+ log_write("user %s : launching %s<%d> against %s [%d]\n",
attack_user_name(globals),
plugins->name,
+ (int)arg_get_value(arg_get_value(plugins->value, "plugin_args"), "ID"),
hostname,
pid);
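Review bot: The new "launching %s<%d> against %s [%d]" format glues the ID onto the free-form plugin name with no separator, and the line already ends in a second integer, the pid. A plugin name that itself contains '<' or '>' makes the line ambiguous for the log parsing this change is meant to help, and anything already matching "launching %s against %s" will now see a changed name field. Consider a separated, labelled field such as "(id %d)" and mention the format change in the changelog. This line is also only written when preferences_log_whole_attack() is true, so bookkeeping based on the ID depends on that preference being enabled; that is worth documenting.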