Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Nessus>
  3. users
Plugin Managment
christopheraashby at gmail
Nov 17, 2008, 6:05 AM
Post #1 of 6 (4178 views)
Permalink
List-

Was just wondering how everyone manages there plug-in subscriptions,
more specifically what plug-ins were updated, added, and or removed
(if applicable). I would like to receive a daily report either
automatically created which would inform me of all the updates that
have been applied to existing plug-ins, and any new ones that have
been downloaded from the repo.

Does anyone even manage plug-in libraries this way? Is it even
possible? Any suggestions would be helpful.

Thanks-

ashby
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
Re: Plugin Managment [ In reply to ]
rgula at tenablesecurity
Nov 17, 2008, 6:27 AM
Post #2 of 6 (4050 views)
Permalink
christopher ashby wrote:
> List-
>
> Was just wondering how everyone manages there plug-in subscriptions,
> more specifically what plug-ins were updated, added, and or removed
> (if applicable). I would like to receive a daily report either
> automatically created which would inform me of all the updates that
> have been applied to existing plug-ins, and any new ones that have
> been downloaded from the repo.
>
> Does anyone even manage plug-in libraries this way? Is it even
> possible? Any suggestions would be helpful.
>

Hi Chris,

Tenable offers an RSS feed of all new plugins.

http://www.nessus.org/rss/

We offer updates for new Nessus checks, as well as our Passive
Vulnerability Scanner, new log normalizers for the Log Correlation
Engine and also updates to audit files for Nessus Professional
Feed and Security Center users.

Many of the plugins change very often. For example, the anti-virus
plugins change on a daily basis. We also perform a great deal of
content management on the plugins to make more accurate reports,
links to other places for more information and in some case even
rename plugins to describe them better.

Most Nessus users I speak with perform a plugin update before
performing a scan.

In the Security Center, we do have a feature where a user can select
a scanning policy of options, Nessus plugins families, and then
"Lock It" such that if new plugins are available in that family,
they won't be run. This is usful for performing the same exact scan
on different parts of the network, especially if it takes you longer
than a few days to complete your scan.

Ron Gula
Tenable Network Security

















_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
Re: Plugin Managment [ In reply to ]
theall at tenablesecurity
Nov 17, 2008, 12:01 PM
Post #3 of 6 (4050 views)
Permalink
On Nov 17, 2008, at 9:05 AM, christopher ashby wrote:

> Was just wondering how everyone manages there plug-in subscriptions,
> more specifically what plug-ins were updated, added, and or removed
> (if applicable). I would like to receive a daily report either
> automatically created which would inform me of all the updates that
> have been applied to existing plug-ins, and any new ones that have
> been downloaded from the repo.

Several years ago I developed a Perl script that you might be
interested in. It's not a Tenable product, though. And it requires a
bit of setup, although nothing that a reasonably good sysadmin or
Perl programmer should have difficulty with. The script is called
update-nessus-plugins, and works as a wrapper around the script nessus-
update-plugins that's included with Nessus. It offers options for
backing up the plugins tarball prior to running an update as well as
summarizing changes in the plugins, as context diffs when possible.
The script is free and should run on most any sort of *nix system. You
will need another of my scripts (describe-nessus-plugin) and to
configure plugin updates to operate through cron rather than the
Nessus server directly. For more info, look at http://www.tifaware.com/perl/update-nessus-plugins/
.

George
--
theall@tenablesecurity.com



_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
Re: Plugin Managment [ In reply to ]
christopheraashby at gmail
Nov 19, 2008, 10:04 AM
Post #4 of 6 (4033 views)
Permalink
George-

Thanks for the heads up, I believe that this is what i am looking for.
I'm going to download and play around, if something comes of it I
will let you know.

Thanks again

ashby



On Mon, Nov 17, 2008 at 3:01 PM, George A. Theall
<theall@tenablesecurity.com> wrote:
> On Nov 17, 2008, at 9:05 AM, christopher ashby wrote:
>
>> Was just wondering how everyone manages there plug-in subscriptions,
>> more specifically what plug-ins were updated, added, and or removed
>> (if applicable). I would like to receive a daily report either
>> automatically created which would inform me of all the updates that
>> have been applied to existing plug-ins, and any new ones that have
>> been downloaded from the repo.
>
> Several years ago I developed a Perl script that you might be
> interested in. It's not a Tenable product, though. And it requires a
> bit of setup, although nothing that a reasonably good sysadmin or
> Perl programmer should have difficulty with. The script is called
> update-nessus-plugins, and works as a wrapper around the script nessus-
> update-plugins that's included with Nessus. It offers options for
> backing up the plugins tarball prior to running an update as well as
> summarizing changes in the plugins, as context diffs when possible.
> The script is free and should run on most any sort of *nix system. You
> will need another of my scripts (describe-nessus-plugin) and to
> configure plugin updates to operate through cron rather than the
> Nessus server directly. For more info, look at http://www.tifaware.com/perl/update-nessus-plugins/
> .
>
> George
> --
> theall@tenablesecurity.com
>
>
>
> _______________________________________________
> Nessus mailing list
> Nessus@list.nessus.org
> http://mail.nessus.org/mailman/listinfo/nessus
>
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
Re: Plugin Managment [ In reply to ]
christopheraashby at gmail
Nov 20, 2008, 12:22 PM
Post #5 of 6 (4035 views)
Permalink
George-

Genius!

This is exactly what I'm looking for. I was able to download and
modify your script and produce the results that management wanted.
All I have to do is throw this puppy into a cron and i'm good to go.

I do have a question... pertaining to plugin updates, would you
recommend the solution be to disable the plugin options in
/opt/nessus/etc/nessus/nessusd.conf file? More specifically the
following options:
# Automatic plugins updates - if enabled and Nessus is registered,
then fetch the newest plugins from plugins.nessus.org automatically
auto_update = yes
# Number of hours to wait between two updates
auto_update_delay = 24
# Should we purge the plugin db at each update ? (slower)
purge_plugin_db = no

I was thinking that this was the best, and then just have the script
manipulate and handle the plugins.

Let me know your thoughts.
Thanks
ashby


On Wed, Nov 19, 2008 at 1:04 PM, christopher ashby
<christopheraashby@gmail.com> wrote:
> George-
>
> Thanks for the heads up, I believe that this is what i am looking for.
> I'm going to download and play around, if something comes of it I
> will let you know.
>
> Thanks again
>
> ashby
>
>
>
> On Mon, Nov 17, 2008 at 3:01 PM, George A. Theall
> <theall@tenablesecurity.com> wrote:
>> On Nov 17, 2008, at 9:05 AM, christopher ashby wrote:
>>
>>> Was just wondering how everyone manages there plug-in subscriptions,
>>> more specifically what plug-ins were updated, added, and or removed
>>> (if applicable). I would like to receive a daily report either
>>> automatically created which would inform me of all the updates that
>>> have been applied to existing plug-ins, and any new ones that have
>>> been downloaded from the repo.
>>
>> Several years ago I developed a Perl script that you might be
>> interested in. It's not a Tenable product, though. And it requires a
>> bit of setup, although nothing that a reasonably good sysadmin or
>> Perl programmer should have difficulty with. The script is called
>> update-nessus-plugins, and works as a wrapper around the script nessus-
>> update-plugins that's included with Nessus. It offers options for
>> backing up the plugins tarball prior to running an update as well as
>> summarizing changes in the plugins, as context diffs when possible.
>> The script is free and should run on most any sort of *nix system. You
>> will need another of my scripts (describe-nessus-plugin) and to
>> configure plugin updates to operate through cron rather than the
>> Nessus server directly. For more info, look at http://www.tifaware.com/perl/update-nessus-plugins/
>> .
>>
>> George
>> --
>> theall@tenablesecurity.com
>>
>>
>>
>> _______________________________________________
>> Nessus mailing list
>> Nessus@list.nessus.org
>> http://mail.nessus.org/mailman/listinfo/nessus
>>
>
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
Re: Plugin Managment [ In reply to ]
theall at tenablesecurity
Nov 21, 2008, 9:20 AM
Post #6 of 6 (4035 views)
Permalink
On Nov 20, 2008, at 3:22 PM, christopher ashby wrote:

> I do have a question... pertaining to plugin updates, would you
> recommend the solution be to disable the plugin options in
> /opt/nessus/etc/nessus/nessusd.conf file?

If you don't do that, then you won't learn details of plugin updates
that are done automatically.

George
--
theall@tenablesecurity.com



_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal