Greetings,
I've spent some time trying to get the local security checks to work
with nessus 2.1.2. My nessus server/client is a RedHat 8.0 with nessus
2.1.2 (including nasl and libnessus) and SSL is enabled. I'm attempting
to run the local security checks on both the Red Hat box and a Solaris 8
box I have. Neither have been patched of lately, so there definitely
should be some hits on the local security checks. Details of both
follow.
Nessus settings selected:
- Plugins (Solaris Local Security Checks or Red Hat Local
Security Checks)
- Enable Dependencies at Runtime
- Enable expirimental Scripts
- Thorough Tests
- Reporting (Verbose, Paranoid)
- Log Verbosity (Debug 0)
For the Solaris box I get an SSH info message stating:
It was possible to log into the remote host using the supplied asymetric
keys;The output of 'uname -a is ;: SunOS unknown 5.8 Generic 108528-23
sunru sparc SUNW,Sun-Blade-100;; Local security checks have been enabled
for this host. According to nessusd.messages, all of the Soiaris
plugins get run against it. I know for a that many of the patches the
plugins check for are not on my system. Is there any reason that these
are not reported, or maybe am I doing something wrong.
For the RedHat Box I get the follwing SSH info:
It was possible to log into the remote host using the supplied asymetric
keys;The output of "uname -a" is: Linux pikelinux 2.4.18-14 #1 Wed Sep
4 13:35:50 EDT2002 i686 8686 8386 GUN/Linux. The remote linux
distribution is not supported, therfore local security checks have not
been enabled.
Any help or guidance would be appreciated.
Thanks,
Jeff
I've spent some time trying to get the local security checks to work
with nessus 2.1.2. My nessus server/client is a RedHat 8.0 with nessus
2.1.2 (including nasl and libnessus) and SSL is enabled. I'm attempting
to run the local security checks on both the Red Hat box and a Solaris 8
box I have. Neither have been patched of lately, so there definitely
should be some hits on the local security checks. Details of both
follow.
Nessus settings selected:
- Plugins (Solaris Local Security Checks or Red Hat Local
Security Checks)
- Enable Dependencies at Runtime
- Enable expirimental Scripts
- Thorough Tests
- Reporting (Verbose, Paranoid)
- Log Verbosity (Debug 0)
For the Solaris box I get an SSH info message stating:
It was possible to log into the remote host using the supplied asymetric
keys;The output of 'uname -a is ;: SunOS unknown 5.8 Generic 108528-23
sunru sparc SUNW,Sun-Blade-100;; Local security checks have been enabled
for this host. According to nessusd.messages, all of the Soiaris
plugins get run against it. I know for a that many of the patches the
plugins check for are not on my system. Is there any reason that these
are not reported, or maybe am I doing something wrong.
For the RedHat Box I get the follwing SSH info:
It was possible to log into the remote host using the supplied asymetric
keys;The output of "uname -a" is: Linux pikelinux 2.4.18-14 #1 Wed Sep
4 13:35:50 EDT2002 i686 8686 8386 GUN/Linux. The remote linux
distribution is not supported, therfore local security checks have not
been enabled.
Any help or guidance would be appreciated.
Thanks,
Jeff