High, this is my first message on this mailing list, I hope it is relevant here.
I would like to scan vulnerabilities on a class C network.
I am evaluating several products (Nessus, Qualys, Rapid7, nCircle, Secunia, eEye, GFI LanGuard, etc.).
I like the Nessus scanner but I am a bit puzzled with the report part.
The Tenable Security Center does a lot of things, but the price is too high to manage about a hundred of hosts.
The 2 basic things I am looking for are:
- generate a report called hereafter "R1" displaying the number of holes/warning/notes for each scanned host, and the details for the holes/warnings only,
- generate a "trend report" called hereafter "R2": a graphic displaying the time evolution of number of scanned hosts, numbers of holes, numbers of warnings.
I found a XSL file that enabled me to generate R1, but this XSL transformation must be used with the Nessus version 2 XML report file generated by the Nessus 3.0.6 client on Windows.
Is it possible to generate a Nessus version 2 XML report file with a Nessus 3.2.x software ?
What should I use in order to be able to generate R1, using for input the Nessus "version 3" XML file (.nessus file, beginning by <NessusClientData>) generated by the Nessus 3.2.x software (multiplatform) ?
What should I use to generate R2 ? A very basic solution could be to generate the graphic using MS Excel/ OpenOffice Calc by manually entering the figures retrieved from the Nessus report.
Otherwise, I found Nessconnect, that seems to be interesting for my purpose, but:
- I do not know if this software is reliable and fully compatible with Nessus 3.2 and future versions,
- I am not satisfied with the default reports and I do not know yet how to generate custom report,
- the scan results and reports seems to be save in binary file ("session"), that may be a problem in the future if evolution is required and the software is no longer supported.
Do you know other software, preferably open source, able to generate custom reports R1 and R2 with a Nessus 3.2 scanner ?
Thanks for your feedback, that might be helpful for other people, as I am obviously not the only one guy that would like to use the Nessus scanner AND would like to have custom and efficient reports...
Philippe.
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
I would like to scan vulnerabilities on a class C network.
I am evaluating several products (Nessus, Qualys, Rapid7, nCircle, Secunia, eEye, GFI LanGuard, etc.).
I like the Nessus scanner but I am a bit puzzled with the report part.
The Tenable Security Center does a lot of things, but the price is too high to manage about a hundred of hosts.
The 2 basic things I am looking for are:
- generate a report called hereafter "R1" displaying the number of holes/warning/notes for each scanned host, and the details for the holes/warnings only,
- generate a "trend report" called hereafter "R2": a graphic displaying the time evolution of number of scanned hosts, numbers of holes, numbers of warnings.
I found a XSL file that enabled me to generate R1, but this XSL transformation must be used with the Nessus version 2 XML report file generated by the Nessus 3.0.6 client on Windows.
Is it possible to generate a Nessus version 2 XML report file with a Nessus 3.2.x software ?
What should I use in order to be able to generate R1, using for input the Nessus "version 3" XML file (.nessus file, beginning by <NessusClientData>) generated by the Nessus 3.2.x software (multiplatform) ?
What should I use to generate R2 ? A very basic solution could be to generate the graphic using MS Excel/ OpenOffice Calc by manually entering the figures retrieved from the Nessus report.
Otherwise, I found Nessconnect, that seems to be interesting for my purpose, but:
- I do not know if this software is reliable and fully compatible with Nessus 3.2 and future versions,
- I am not satisfied with the default reports and I do not know yet how to generate custom report,
- the scan results and reports seems to be save in binary file ("session"), that may be a problem in the future if evolution is required and the software is no longer supported.
Do you know other software, preferably open source, able to generate custom reports R1 and R2 with a Nessus 3.2 scanner ?
Thanks for your feedback, that might be helpful for other people, as I am obviously not the only one guy that would like to use the Nessus scanner AND would like to have custom and efficient reports...
Philippe.
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus