This release solves the OpenSSL issue that many of us had run into with RedHat 9.0.
You can get 2.0.4 from
www.nessus.org
Hope this helps!
;)
Printable View
This release solves the OpenSSL issue that many of us had run into with RedHat 9.0.
You can get 2.0.4 from
www.nessus.org
Hope this helps!
;)
i've been looking into nessus for auditing my home network (i'm a newbie, bare with me)
but it needs (from what i've read) a server and client copy of nessus running to work?
do you need the server running on all of your servers, or just one of the machines?
i'm confused... could someone please shed some light on the subject for me :D
thank you!
You are correct. You need the server and a client.
The server will only run on a *nix box. They have a client for both *nix and Win32.
If you install the client on a Win32 box, then you have to point it to a server running on a *nix box.
I'm not an expert on nessus... but I'm pretty sure thats the way it works.
I guess you would just regularly update the "definitions"?
I've only played with it a little bit....
The server is where the nessus daemon lives. The nessus daemon is what is responsible for one authenticating and managing client access as well as launching the attacks that the client has requested. So when you see the log files of the servers you are scanning, the attacker will show up as the server.
The client is just that. It is a tool for connecting to the server, selecting the session requirements, selecting which vulnerabilities you wish to check for, and configuring/tweaking any of the plugins that allow it (for example inserting your domain name in, or only doing tcp syn scans, etc).
As far as the actual attacks go, they are just plugins (NASL scripts, Nessus Attack Scripting Language i think is what it stands for). You can download an all.tar.zip from nessus.org and explode it in the plugins directory and restart nessusd to update the attacks. Just keep in mind that if you customized any of those scripts, they will be overwritten. Also keep in mind that those scripts are supplied by the community at large and it is possible that malicious things are contained within them, so make sure you review them carefully (and at over 1000 of them, there is alot to look at...)
/nebulus
guys can u help me out? can u tell me how to hack web sites for passwords?
Absolutely! All of us here have nothing better to do. We'll gladly be an accomplice in helping you crack into websites. Which one did you want to crack?Quote:
guys can u help me out? can u tell me how to hack web sites for passwords?
Get real. This isn't the site for that. Read the FAQ b4 make yourself look like an even bigger idiot than you aready have.
<sarcasm> We would love to help you commit a crime! Can we help you break into some banks too? </sarcasm>Quote:
Originally posted here by spirit_420_mage
guys can u help me out? can u tell me how to hack web sites for passwords?
spirit_420_mage: Please read the Antionline FAQ here http://www.antionline.com/misc.php?action=faq
Edit: Didnt see phishphreek80's post. Must be a faster typer.. :D
I guess stupid people do stupid things. Hooked on phonics didnt work for Spirit....Ah wellQuote:
Originally posted here by phishphreek80
Absolutely! All of us here have nothing better to do. We'll gladly be an accomplice in helping you crack into websites. Which one did you want to crack?
Get real. This isn't the site for that. Read the FAQ b4 make yourself look like an even bigger idot than you aready have.