Hi,
one thing that I do not understand about the client-server model of
nessus is the role of file .nessusrc. Why are reports, user profiles,
etc. stored on the server side but not the nessus settings (i.e.
selected plugins etc.)?
If you want to test several network segments, it is a good idea to
create a separate nessus user for each segment. Since you do not want
to login and logout all the time, one Unix account will correspond to
several nessus accounts. Also you certainly want to test each network
with a different set of plugins. At the moment, these information are
stored in file .nessusrc and thus they apply to *all* nessus accounts if
you use a single Unix account.
Question: Why don't we store nessusrc at the server side? If you log in,
these settings should be passed to the client. If you log out, they are
sent back to the server.
Kind regards, Michael
--
=======================================================================
Michael Schmitt Telefon: +49 651 97551-40
Institut für Telematik Telefax: +49 651 97551-12
Bahnhofstrasse 30-32 WWW: http://www.ti.fhg.de
D-54292 Trier E-Mail: mailto:schmitt@ti.fhg.de
=======================================================================
one thing that I do not understand about the client-server model of
nessus is the role of file .nessusrc. Why are reports, user profiles,
etc. stored on the server side but not the nessus settings (i.e.
selected plugins etc.)?
If you want to test several network segments, it is a good idea to
create a separate nessus user for each segment. Since you do not want
to login and logout all the time, one Unix account will correspond to
several nessus accounts. Also you certainly want to test each network
with a different set of plugins. At the moment, these information are
stored in file .nessusrc and thus they apply to *all* nessus accounts if
you use a single Unix account.
Question: Why don't we store nessusrc at the server side? If you log in,
these settings should be passed to the client. If you log out, they are
sent back to the server.
Kind regards, Michael
--
=======================================================================
Michael Schmitt Telefon: +49 651 97551-40
Institut für Telematik Telefax: +49 651 97551-12
Bahnhofstrasse 30-32 WWW: http://www.ti.fhg.de
D-54292 Trier E-Mail: mailto:schmitt@ti.fhg.de
=======================================================================