So, i'm working off the GPL dont_scan_printers.nasl script, and i
cannot figure out why i'm not getting anything back when I hit the
snmp port
--code--
if ( get_kb_item("SNMP/community") )
{
port = get_kb_item("SNMP/port");
community = get_kb_item("SNMP/community");
soc = open_sock_udp (port);
if ( soc )
{
security_note(port:port, data: port);
security_note(port:port, data: community);
desc = snmp_request(socket:soc, community:community, oid:".1.3");
close(soc);
if (! desc)
{
security_note(port:port, data: string("no description"));
}
security_note(port:port, data:desc);
}
}
and a sanity check to the kbs
grep "SNMP/port" /opt/nessus/var/nessus/users/user/kbs/host
1159306678 3 SNMP/port=161
Now, I get some output from this:
/opt/nessus/bin/nasl -k /opt/nessus/var/nessus/users/user/kbs/host -t
prt1396 snmpwalk_portscan.nasl Doug_dont_Scan_printers.nasl
Nessus snmp scanner was able to retrieve the open port list with the
community name public
public
no desc
Doug_dont_Scan_printers.nasl: Success
You'll see, it doesn't output the port, which is interesting... it
should be there. I can snmpget on this port and get the appropriate
key (infact, i can snmpwalk the whole thing)
More importantly though, it doesn't return any of the description...
it doesn't exist. Anyone have any idea why it wouldn't be working?
Doug Nordwall
Unix Administrator
EMSL Computer and Network Support
Unclassified Computer Security
Phone: (509)372-6776; Fax: (509)376-0420
The best book on programming for the layman is "Alice in Wonderland";
but that's because it's the best book on anything for the layman.
cannot figure out why i'm not getting anything back when I hit the
snmp port
--code--
if ( get_kb_item("SNMP/community") )
{
port = get_kb_item("SNMP/port");
community = get_kb_item("SNMP/community");
soc = open_sock_udp (port);
if ( soc )
{
security_note(port:port, data: port);
security_note(port:port, data: community);
desc = snmp_request(socket:soc, community:community, oid:".1.3");
close(soc);
if (! desc)
{
security_note(port:port, data: string("no description"));
}
security_note(port:port, data:desc);
}
}
and a sanity check to the kbs
grep "SNMP/port" /opt/nessus/var/nessus/users/user/kbs/host
1159306678 3 SNMP/port=161
Now, I get some output from this:
/opt/nessus/bin/nasl -k /opt/nessus/var/nessus/users/user/kbs/host -t
prt1396 snmpwalk_portscan.nasl Doug_dont_Scan_printers.nasl
Nessus snmp scanner was able to retrieve the open port list with the
community name public
public
no desc
Doug_dont_Scan_printers.nasl: Success
You'll see, it doesn't output the port, which is interesting... it
should be there. I can snmpget on this port and get the appropriate
key (infact, i can snmpwalk the whole thing)
More importantly though, it doesn't return any of the description...
it doesn't exist. Anyone have any idea why it wouldn't be working?
Doug Nordwall
Unix Administrator
EMSL Computer and Network Support
Unclassified Computer Security
Phone: (509)372-6776; Fax: (509)376-0420
The best book on programming for the layman is "Alice in Wonderland";
but that's because it's the best book on anything for the layman.