Mailing List Archive

nessusd -R every time?
Hi,

I'm writing some NASL plugins at the moment and am getting fed up of
going through the following procedure to make sure the new script is
seen by NessusClient:

1. copy script from Git repository to the plugins directory
2. sign the script with nasl -S
3. nessusd -R
4. /etc/init.d/nessusd restart
5. reconnect client to server

The worst part is nessusd -R which takes forever even on a 3.2GHz quad
core! Isn't there a way this can be skipped or sped up as it's a bit of a
pain, especially when you've forgotten a semi-colon somewhere in your
script and you've got to go through it all again!

I can only think of temporarily moving most of the plugins out of the
way, just leaving enough to satisfy dependencies.

Any other ideas?

--
Simon John
nessus at the-jedi.co.uk

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
Re: nessusd -R every time?
Hi John,

On Dec 29, 2008, at 9:50 AM, Simon John wrote:

> Hi,
>
> I'm writing some NASL plugins at the moment and am getting fed up of
> going through the following procedure to make sure the new script is
> seen by NessusClient:
>
> 1. copy script from Git repository to the plugins directory
> 2. sign the script with nasl -S
> 3. nessusd -R
> 4. /etc/init.d/nessusd restart
> 5. reconnect client to server
>
> The worst part is nessusd -R which takes forever even on a 3.2GHz quad
> core! Isn't there a way this can be skipped or sped up as it's a bit of a
> pain, especially when you've forgotten a semi-colon somewhere in your
> script and you've got to go through it all again!
>
> I can only think of temporarily moving most of the plugins out of the
> way, just leaving enough to satisfy dependencies.
>
> Any other ideas?


nessusd -R purges the entire plugin database and re-processes every
plugin. This should only be used when a DB is corrupt.

For your use case, you should use nessusd -t which performs a checksum
on each plugin and only reprocesses those which changed. It's way
faster and should remove the pain.

Also, prior to putting the script into the plugins/ directory, you
should use nasl -L to make sure it parses properly.



-- Renaud


Re: nessusd -R every time?
Renaud Deraison wrote:

[snip]
> For your use case, you should use nessusd -t which performs a checksum
> on each plugin and only reprocesses those which changed. It's way
> faster and should remove the pain.

That does seem to be a lot faster thanks, however it never returns
control to the console, you need to Ctrl-C it.

A quick "strace nessusd -t" reveals that it sits there trying to bind to
ipv6 or something - which I have disabled on my Linux install (and have
enable_listen_ipv6=no in nessusd.conf):

open("/proc/net/if_inet6", O_RDONLY) = -1 ENOENT (No such file or directory)

> Also, prior to putting the script into the plugins/ directory, you
> should use nasl -L to make sure it parses properly.

Yes that's a good point!
--
Simon John
nessus at the-jedi.co.uk

Re: nessusd -R every time?
On Dec 29, 2008, at 1:32 PM, Simon John wrote:

> Renaud Deraison wrote:
>
> [snip]
>> For your use case, you should use nessusd -t which performs a checksum
>> on each plugin and only reprocesses those which changed. It's way
>> faster and should remove the pain.
>
> That does seem to be a lot faster thanks, however it never returns
> control to the console, you need to Ctrl-C it.

That's because 'nessusd -t' is similar to 'nessusd' in the sense that
it really starts the nessusd process and won't return.
Use nessusd -t -D to make it run in the background.


> A quick "strace nessusd -t" reveals that it sits there trying to bind to
> ipv6 or something - which I have disabled on my Linux install (and have
> enable_listen_ipv6=no in nessusd.conf):
>
> open("/proc/net/if_inet6", O_RDONLY) = -1 ENOENT (No such file or directory)

Even though you disabled binding to ipv6, nessusd checks whether ipv6
is enabled -- you could have a nessusd daemon explicitly listening on
IPv4 only, but still want it to scan IPv6 targets.


-- Renaud



Re: nessusd -R every time?
> nessusd -R purges the entire plugin database and re-processes every
> plugin. This should only be used when a DB is corrupt.
>
> For your use case, you should use nessusd -t which performs a checksum
> on each plugin and only reprocesses those which changed. It's way
> faster and should remove the pain.
>
> Also, prior to putting the script into the plugins/ directory, you
> should use nasl -L to make sure it parses properly.

What about under Windows? It's been a while since I did any plugin
modifications; as I recall, I deleted the database files and ran
build.exe, and it was rather slow.