Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Nessus>
  3. devel
User Rules: Global or Scope-specific?
jan at intevation
Oct 7, 2004, 3:29 AM
Post #1 of 3 (1687 views)
Permalink
Hi,

I wonder whether for the new GUI the User Rules should be made
a global preference or whether they should be specific
for each Scope.

Any opinions welcome!

Jan

--
Jan-Oliver Wagner http://intevation.de/~jan/

Intevation GmbH http://intevation.de/
FreeGIS http://freegis.org/
Re: User Rules: Global or Scope-specific? [ In reply to ]
thomas at intevation
Oct 7, 2004, 5:36 AM
Post #2 of 3 (1611 views)
Permalink
* Jan-Oliver Wagner <jan@intevation.de> [20041007 12:30]:
> I wonder whether for the new GUI the User Rules should be made
> a global preference or whether they should be specific
> for each Scope.

There can be a special case where some IP on one nessusd is not the
same as the same IP on another nessusd, if the client talks to a
nessusd through a VPN or SSH tunnel.

On the other hand, if I tell my nessus client to not scan FOO, I
really don't want to scan FOO, not even if I mistype a host name in
another scope.

A solution for this might be if preferences are inherited from
global to task to scope. But the we get the problem of conflict
resolution if a global rule is added, but there already is a scope
rule.

Thomas

--
Email: thomas@intevation.de
http://intevation.de/~thomas/
Re: Re: User Rules: Global or Scope-specific? [ In reply to ]
jan at intevation
Nov 11, 2004, 7:36 AM
Post #3 of 3 (1612 views)
Permalink
Hi,

Just for the archive:
The new implementation of the rules allows to have rules defined in
the global settings.
Those are used as defaults when creating a new scope.
However, the rules in the scope can individually be modified.
IMHO thats the most flexible and helpful solution.

Best

Jan
On Thu, Oct 07, 2004 at 02:36:23PM +0200, Thomas Arendsen Hein wrote:
> * Jan-Oliver Wagner <jan@intevation.de> [20041007 12:30]:
> > I wonder whether for the new GUI the User Rules should be made
> > a global preference or whether they should be specific
> > for each Scope.
>
> There can be a special case where some IP on one nessusd is not the
> same as the same IP on another nessusd, if the client talks to a
> nessusd through a VPN or SSH tunnel.
>
> On the other hand, if I tell my nessus client to not scan FOO, I
> really don't want to scan FOO, not even if I mistype a host name in
> another scope.
>
> A solution for this might be if preferences are inherited from
> global to task to scope. But the we get the problem of conflict
> resolution if a global rule is added, but there already is a scope
> rule.
>
> Thomas
>
> --
> Email: thomas@intevation.de
> http://intevation.de/~thomas/
> _______________________________________________
> Nessus-devel mailing list
> Nessus-devel@list.nessus.org
> http://mail.nessus.org/mailman/listinfo/nessus-devel

--
Jan-Oliver Wagner http://intevation.de/~jan/

Intevation GmbH http://intevation.de/
FreeGIS http://freegis.org/

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal