Mailing List Archive

Stability of nessus DB scheme
How stable is the nessus DB scheme (not code, the scheme itself)? I really
want to get the reports in the DB, so I am thinking about cooking up
an XML->DB parser for now until DB code is release quality. I however
don't want to get the wonderful task of re-converting them again once
the DB scheme is out, so I wonder how "stable" the DB scheme is. Is it
more or less ready-to-use, or?

Best regards
Michael Boman

--
Michael Boman
Security Architect, SecureCiRT Pte Ltd
http://www.securecirt.com
Re: Stability of nessus DB scheme
Michael Boman wrote:
> How stable is the nessus DB scheme (not code, the scheme itself). Really
> want to get the reports in the DB, so I am thinking about cooking up
> a XML->DB parser for now until DB code is release quality.. I however
> don't want to get the wonderful task of re-converting them again once
> the DB scheme is out, so I wonder how "stable" the DB scheme is.. is it
> more or less ready-to-use, or?

It is, as you say, more or less ready to use. There are some quirks that
need fixing (see the TODO) which are planned, however. In any case, the
schema needs to undergo testing in the sense that someone has to take
reports, move them to a database and start trying to extract information
and see if the queries make any sense.

For this task I developed a tool to parse NBE files into a database. If
you want to, check out the import-nbe script under
nessus-tools/nessus-extract/

You will also find there a list of tools to generate automatically the
"stable" tables of the schema, ie:

- the services/protocol tables (using create-service-proto.pl)
- the plugins table (using nessus-extract).

All these have been modified in the NESSUS_SQL branch:
http://cvs.nessus.org/cgi-bin/cvsweb.cgi/nessus-tools/nessus-extract/?hideattic=0&only_with_tag=NESSUS_SQL#dirlist

I would appreciate it if you could forward to the list the results of
your tests.

Hope I have answered all your questions.


Javi
Re: Stability of nessus DB scheme

On Friday 07 March 2003 16:15, Javier Fernandez-Sanguino wrote:
>
> You will also find there a list of tools to generate automatically the
> "stable" tables of the schema, ie:
>
> - the services/protocol tables (using create-service-proto.pl)
> - the plugins table (using nessus-extract).
>

Hi Javier, I've taken a look at create-service-proto.pl, and it seems to refer
to one file '/var/lib/nessus/services.txt'. I don't believe I have that on the
development system that we use. Is this a standard file somewhere?

Additionally, do you happen to have any SQL create scripts for the tables that
we need for. I see some commented create statements for Postgres in
nessus-extract.pl (from the URL you gave
[http://cvs.nessus.org/cgi-bin/cvsweb.cgi/nessus-tools/nessus-extract/?hideattic=0&only_with_tag=NESSUS_SQL#dirlist]
), but no create statements in create-service-proto.pl.

If it helps, I'm using nessus 2.0.1.

Thanks

-jf


--
Jeffrey Lim
Security Engineer

SecureCiRT Pte Ltd
Blk 750C Chai Chee Road
#04-01 Technopark@ChaiChee
Singapore 469003
Tel: 6243 6800 DID: 6243 6802
Fax: 6441 5119
Re: Stability of nessus DB scheme
Jeffrey Lim wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Friday 07 March 2003 16:15, Javier Fernandez-Sanguino wrote:
>
>>You will also find there a list of tools to generate automatically the
>>"stable" tables of the schema, ie:
>>
>>- the services/protocol tables (using create-service-proto.pl)
>>- the plugins table (using nessus-extract).
>>
>
>
> hi Javier, i've taken a look at create-service-proto.pl, and it seems to refer
> to one file '/var/lib/nessus/services.txt'. I dont believe i have that on the
> development system that we use. Is this a standard file somewhere?
>
Yep. Sorry, that's Debian specific. In your case it will probably be
/var/nessus/services.txt. It's the file that nessusd creates based on
nmap's services file and your local /etc/services.
In any case it has the /etc/services format so you can easily test it
with that one.


> Additionally, do you happen to have any sql create scripts for the tables that
> we need for. I see some commented create statements for postgres in
> nessus-extract.pl (from the url you gave
> [http://cvs.nessus.org/cgi-bin/cvsweb.cgi/nessus-tools/nessus-extract/?hideattic=0&only_with_tag=NESSUS_SQL#dirlist]
> ), but no create statements in create-service-proto.pl
>
> If it helps, i'm using nessus 2.0.1.

The CREATE statement should be taken from the database documentation.
You will find at:
http://cvs.nessus.org/cgi-bin/cvsweb.cgi/nessus-core/doc/database/?hideattic=0&only_with_tag=NESSUS_SQL#dirlist

a list of SQL statements for Postgres and MySQL (which are made based on
the schema). Do not use the ones in the script (they are obsolete, I
will remove them).

Regards

Javi
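
Added example, not part of the thread and not code from nessus-tools: a sketch of loading a file in /etc/services format (the format the last reply says services.txt uses) into service/protocol tables. The table layout, the function names and the sample lines are assumptions made for illustration, and SQLite stands in for the Postgres/MySQL schema in the project's database documentation.

```python
import sqlite3

# Constructed sample in /etc/services format (not taken from a real nessusd file).
SAMPLE = """\
# service-name  port/protocol  [aliases]   # comment
ssh             22/tcp                     # SSH Remote Login Protocol
domain          53/udp         nameserver
http            80/tcp         www www-http
broken-line     notaport
bogus           70000/tcp
"""

def parse_services(text):
    """Yield (name, port, proto, aliases) for each valid line; skip the rest."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop trailing comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2 or "/" not in fields[1]:
            continue                             # no port/protocol column
        port_s, proto = fields[1].split("/", 1)
        if not port_s.isdecimal() or not 0 < int(port_s) <= 65535 or not proto:
            continue                             # reject out-of-range ports
        yield fields[0], int(port_s), proto.lower(), fields[2:]

def load_services(conn, text):
    """Load rows into hypothetical protocol/service tables; return rows added."""
    conn.executescript("""
        CREATE TABLE IF NOT EXISTS protocol (id INTEGER PRIMARY KEY, name TEXT UNIQUE);
        CREATE TABLE IF NOT EXISTS service (
            name TEXT, port INTEGER, protocol_id INTEGER REFERENCES protocol(id),
            aliases TEXT, UNIQUE (port, protocol_id));
    """)
    added = 0
    for name, port, proto, aliases in parse_services(text):
        # Bound parameters only: file content is never spliced into SQL text.
        conn.execute("INSERT OR IGNORE INTO protocol (name) VALUES (?)", (proto,))
        (pid,) = conn.execute(
            "SELECT id FROM protocol WHERE name = ?", (proto,)).fetchone()
        cur = conn.execute(
            "INSERT OR IGNORE INTO service VALUES (?, ?, ?, ?)",
            (name, port, pid, " ".join(aliases)))
        added += cur.rowcount                    # 0 when the row already existed
    conn.commit()
    return added

if __name__ == "__main__":
    db = sqlite3.connect(":memory:")
    print(load_services(db, SAMPLE), "services loaded")
```

Re-running the load on the same file adds nothing, because of the UNIQUE constraint on (port, protocol_id), so the table can be regenerated whenever services.txt changes.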