Josh,
What I'm currently doing is to save the report as .nbe, then
grep -E -i "risk factor[[:space:]]*:[[:space:]]high"
on the saved .nbe file, then
nessus -i output-of-grep.nbe -o holes-only.html
and mail that to the admins of the machines in question.
There's a pending patch that will allow you to pipe the result of the
grep into nessus, something like this:
grep foo | nessus -i - -o holes-only.html
Hope this helps,
Gabriel
On Fri, Apr 04, 2003 at 12:16:34PM -0500, Rivel, Josh wrote:
> I apologize if this has been covered previously or is on a web site
> somewhere, my searches
> didn't yield anything.
>
> I was wondering if there's a way to tell nessus to only show security holes,
> not warnings
> or notes. The holes are normally all we're interested in, esp. for scans of
> multiple
> subnets, to see for 1000+ hosts that they are reachable via ICMP or
> something isn't that
> helpful for us :)
>
> Thanks,
> Josh
What I'm currently doing is to save the report as .nbe, then
grep -E -i "risk factor[[:space:]]*:[[:space:]]high"
on the saved .nbe file, then
nessus -i output-of-grep.nbe -o holes-only.html
and mail that to the admins of the machines in question.
There's a pending patch that will allow you to pipe the result of the
grep into nessus, something like this:
grep foo | nessus -i - -o holes-only.html
Hope this helps,
Gabriel
On Fri, Apr 04, 2003 at 12:16:34PM -0500, Rivel, Josh wrote:
> I apologize if this has been covered previously or is on a web site
> somewhere, my searches
> didn't yield anything.
>
> I was wondering if there's a way to tell nessus to only show security holes,
> not warnings
> or notes. The holes are normally all we're interested in, esp. for scans of
> multiple
> subnets, to see for 1000+ hosts that they are reachable via ICMP or
> something isn't that
> helpful for us :)
>
> Thanks,
> Josh