Mailing List Archive

[that should be a FAQ]
"Vesselin Peev" <vpeev@ewa-bg.com> writes:

> What is the status of the Nessus server part on Cygwin?

Unsupported.

> Has anyone succeeded in building it and running it

Yes. I had to rewrite a couple of C plugins in NASL.

> without problems?

I wouldn't say so.

> If not, what are the major issues that need to be addressed?

Horribly slow. Probably unreliable.

The speed issue cannot be fixed, it comes from Cygwin emulation of
fork. And you cannot fix Cygwin either, the problem is in Windows.

Your solution may be http://www.tenablesecurity.com/newt.html

On Thu, 4 Dec 2003, Vesselin Peev wrote:

> What is the status of the Nessus server part on Cygwin?
> Has anyone succeeded in building it and running it without problems?


I am not aware of any success running Nessus on Windows using Cygwin. Take
a look through the archives of the Nessus lists - this topic has come up
many times. If you need to run Nessus on a Windows box, your best bet
would be to consider Newt from Tenable Security:

http://www.tenablesecurity.com/newt.html

~Jay

..
.. Jay Jacobson
.. Edgeos, Inc. - 480.961.5996 - http://www.edgeos.com
..
.. Managed Vulnerability Assessment
.. Services for Information Security Professionals
..

On Thu, Dec 04, 2003 at 02:00:38AM -0700, Jay Jacobson wrote:
> On Thu, 4 Dec 2003, Vesselin Peev wrote:
>
> > What is the status of the Nessus server part on Cygwin?
> > Has anyone succeeded in building it and running it without problems?
>
>
> I am not aware of any success running Nessus on Windows using Cygwin. Take
> a look through the archives of the Nessus lists - this topic has come up
> many times.

I actually I did manage to compile Nessus once with cygwin, after having
spent a long time on it. If you look at the various build scripts,
you'll actually notice some cygwin hooks.

The problem is that once compiled under cygwin, you get a very very slow
nessusd. Why ? Because nessusd uses fork(). Tons of it. A heavy scan
can trigger a couple of dozen of fork() each second. On Unix systems,
fork() is a very cheap operation so that works fine. On Win32, there is
no fork() call, so cygwin emulates one by loading the binary in memory
and copying its stack and heap in it. That's very intensive memory wise
and CPU wise, up to the point that it makes Nessus barely useable.

So in that regard, NeWT is definitely the way to go.


-- Renaud

Renaud Deraison wrote:

> The problem is that once compiled under cygwin, you get a very very slow
> nessusd. Why ? Because nessusd uses fork(). Tons of it. A heavy scan
> can trigger a couple of dozen of fork() each second. On Unix systems,
> fork() is a very cheap operation so that works fine. On Win32, there is
> no fork() call, so cygwin emulates one by loading the binary in memory
> and copying its stack and heap in it. That's very intensive memory wise
> and CPU wise, up to the point that it makes Nessus barely useable.
>

Maybe it's worth adding it to the FAQ since this has shown up in the
lists more than once. The entry " Is Nessus going to be ported to
Windows based systems?" could maybe include this information...

Regards

Javi

BTW: The FAQ at the Nessus site looks very updated
(http://www.nessus.org/doc/faq.html is date april 29th 2002 while
http://hvdkooij.xs4all.nl/docs/Nessus-FAQ.html is dated 19 july 2003)

On Thu, Dec 04, 2003 at 10:34:29AM +0200, Vesselin Peev wrote:
> Hello,
>
> What is the status of the Nessus server part on Cygwin?
> Has anyone succeeded in building it and running it without problems?
> If not, what are the major issues that need to be addressed?

Please read the mailing list archives on this issue. Yes it can be
built, however it will bring the most macho dual p4 at 4ghz to its knees
due to the poor fork() workaround cygwin implements, thus rendering
nessusd nearly unuseable.



-- Renaud