Results 1 to 8 of 8

Thread: Nessus 2.0.4 is out!

  1. #1
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885

    Nessus 2.0.4 is out!

    This release solves the OpenSSL issue that many of us had run into with RedHat 9.0.

    You can get 2.0.4 from

    www.nessus.org

    Hope this helps!

    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  2. #2
    i've been looking into nessus for auditing my home network (i'm a newbie, bare with me)
    but it needs (from what i've read) a server and client copy of nessus running to work?

    do you need the server running on all of your servers, or just one of the machines?
    i'm confused... could someone please shed some light on the subject for me

    thank you!
    When you connect to your ISP, you are potentially opening your computer to the world. There are \'naughty people\' out there who enjoy breaking into other people\'s computers. Give some thought to the security of your computer...
    http://www.AntiOnline.com/sig.php?imageid=360

  3. #3
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    You are correct. You need the server and a client.

    The server will only run on a *nix box. They have a client for both *nix and Win32.

    If you install the client on a Win32 box, then you have to point it to a server running on a *nix box.

    I'm not an expert on nessus... but I'm pretty sure thats the way it works.

    I guess you would just regularly update the "definitions"?

    I've only played with it a little bit....
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  4. #4
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    The server is where the nessus daemon lives. The nessus daemon is what is responsible for one authenticating and managing client access as well as launching the attacks that the client has requested. So when you see the log files of the servers you are scanning, the attacker will show up as the server.

    The client is just that. It is a tool for connecting to the server, selecting the session requirements, selecting which vulnerabilities you wish to check for, and configuring/tweaking any of the plugins that allow it (for example inserting your domain name in, or only doing tcp syn scans, etc).

    As far as the actual attacks go, they are just plugins (NASL scripts, Nessus Attack Scripting Language i think is what it stands for). You can download an all.tar.zip from nessus.org and explode it in the plugins directory and restart nessusd to update the attacks. Just keep in mind that if you customized any of those scripts, they will be overwritten. Also keep in mind that those scripts are supplied by the community at large and it is possible that malicious things are contained within them, so make sure you review them carefully (and at over 1000 of them, there is alot to look at...)



    /nebulus
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  5. #5
    guys can u help me out? can u tell me how to hack web sites for passwords?

  6. #6
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    guys can u help me out? can u tell me how to hack web sites for passwords?
    Absolutely! All of us here have nothing better to do. We'll gladly be an accomplice in helping you crack into websites. Which one did you want to crack?

    Get real. This isn't the site for that. Read the FAQ b4 make yourself look like an even bigger idiot than you aready have.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  7. #7
    AO Decepticon CXGJarrod's Avatar
    Join Date
    Jul 2002
    Posts
    2,038
    Originally posted here by spirit_420_mage
    guys can u help me out? can u tell me how to hack web sites for passwords?
    <sarcasm> We would love to help you commit a crime! Can we help you break into some banks too? </sarcasm>

    spirit_420_mage: Please read the Antionline FAQ here http://www.antionline.com/misc.php?action=faq

    Edit: Didnt see phishphreek80's post. Must be a faster typer..
    N00b> STFU i r teh 1337 (english: You must be mistaken, good sir or madam. I believe myself to be quite a good player. On an unrelated matter, I also apparently enjoy math.)

  8. #8
    Senior Member
    Join Date
    May 2002
    Posts
    256
    Originally posted here by phishphreek80


    Absolutely! All of us here have nothing better to do. We'll gladly be an accomplice in helping you crack into websites. Which one did you want to crack?

    Get real. This isn't the site for that. Read the FAQ b4 make yourself look like an even bigger idot than you aready have.
    I guess stupid people do stupid things. Hooked on phonics didnt work for Spirit....Ah well

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •