GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  NESSUS (1)

NAME

nessus - The client part of the Nessus Security Scanner

CONTENTS

Synopsis
Description
Options
The X11 interface
Report conversion
Examples
Files
More Information About The Nessus Project
Authors

SYNOPSIS

nessus [-v] [-h] [-n] [-T <type>] [-q [-pPS] host port user password targets results]

nessus -i in.[nsr|nbe] -o out.[html|xml|nsr|nbe]

DESCRIPTION

The Nessus Security Scanner is a security auditing tool made up of two parts: a server, and a client. The server, nessusd is in charge of the attacks, whereas the client nessus provides an interface to the user.

nessus is an X11 client based on the Gimp ToolKit (GTK).

This man page explains how to use the client.

OPTIONS

-c <config-file>, --config-file=<config-file>
  use another configuration file.

-n, --no-pixmaps
  no pixmaps. This is handy if you are running nessus on a remote computer.

-q, --batch-mode
  quiet mode or batch mode. Setting this option makes the nessus client expect all of the following settings. -p
  obtain list of plugins installed on the server.
-P
  obtain list of server and plugin preferences.
-S
  issue SQL output for -p and -P (experimental).
o host
  is the nessusd host to whom you will connect.
o port
  is the port to which you will connect on the remote nessusd host.
o user
  is the user name to use to connect to nessusd.
o password
  is the password associated with this user name.
o targets
  is the name of a file containing the target machines.
o results
  is the name of the file where the results will be stored at the end of the test.

-r <report-file>, --open-report=<report-file>
  Using the GUI, nessus visualizes a report file from a previous session. Repeating this option, more files are displayed.

-T <type>, --output-type=<type>
  Save the data as <type>, where <type> can be “nbe”, “html”, “html_graph”, “text”, “xml”, “old-xml”, “tex” or “nsr”

-V, --verbose
  make the batch mode display status messages to the screen.

-x, --dont-check-ssl-cert
  do not check SSL certificates.

-v, --version
  shows version number and quits

-h, --help
  lists the available options

The X11 interface

The nessus client interface is divided in several panels:
o The “Nessusd host” section: In this section, you must enter the nessusd host to whom you will connect, as well as the port. You must also enter your nessusd user name and your password (not the one of the system). Once you are done, you must click on the “Log in” button, which will establish the connection to the nessusd host.
Once the connection is established, nessusd sends to the client the list of attacks it will perform, as well as the default preferences to use.

o The “Target Selection” section: o In this section, you are required to enter the primary target. A primary target may be a single host (e.g. prof.fr.nessus.org), an IP (e.g. 192.168.1.1), a subnet (e.g. 192.168.1.1/24 or prof.fr.nessus.org), or a list of hosts, separated by commas (e.g. 192.168.1.1, 192.168.2.1/24, prof.fr.nessus.org, joyeux.fr.nessus.org).

o You can restrict the maximum number of hosts to test using the “Max Hosts” entry. This is a feature that prevents you from scanning too many machines; or accidentally scanning other machines. (For instance, if you only plan to test prof.fr.nessus.org and www.fr.nessus.org, you can safely set this entry to “2”).

o This panel also allows you to enable the “Perform a DNS zone transfer” option. This option is dangerous and should be enabled with caution. For instance, if you want to test www.nessus.org, then if this option is set, nessusd will attempt to get the list of the hosts in the “nessus.org” domain.

This option may be dangerous. For instance, if you enable it and you ask to test 192.168.1.1/24, then nessusd will do a reverse lookup on every IP, and will attempt a DNS zone transfer on every domain. That is, if 192.168.1.1 is www.foo.bar, and 192.168.1.10 is mail.bar.foo, then a DNS zone transfer will be made on the domains “foo.bar” and “bar.foo”.

o The “Plugins” section Once you have successfully logged into the remote nessusd server, this section is filed with the list of the attacks that the server will perform. This panel is divided in two parts: the plugins families, and the plugins themselves. If you click on the name of a plugin, then a dialog will appear, showing you which will be the error message sent by the plugin if the attack is successful.

Report conversion

You can use nessus to do conversion between formats used for reports. Nessus can take any NSR or NBE reports and change them into HTML, XML, NSR or NBE reports.

Please note that the XML report provides usually more information about the scan itself NSR or NBE formats do not include in the report.

Basically, XML is a merge between the .nbe reports and the .nessusrc configuration file. You won’t get extra verbosity or diagnosis info in the XML report, but you’ll know which plugins (and which version of these plugins) have been enabled during the scan.

For more information on the report formats please read the files nsr_file_format.txt and nbe_file_format.txt provided along with the documentation.

ENVIRONMENT VARIABLES

HOME The path to the user’s home directory which will hold the client configuration cache .nessusrc. The path is refered to as ~/, below.

NESSUSHOME
  If this environment variable is set, this path is used instead of the path defined by the HOME variable. This path is referred to as ~/, below.

% More examples should be included here (jfs)

EXAMPLES

To run a batch scan from a cron job and publish it in a given web space ( /var/www/html/nessus/ ) try the following:

nessus -c /root/nessus/nessus.rc -T html -qx localhost 1241 batch batch1 /root/nessus/target /var/www/html/nessus/results.html

Make sure that paranoia level is not set in your nessus.rc configuration file, otherwise the scan will not work

FILES

~/.nessusrc
  is the client configuration file, which contains the options about which nessusd server to connect to, which plugins to activate, and so on. The file is created automatically if it does not exist.

SEE ALSO

nessus-mkcert-client(1)

MORE INFORMATION ABOUT THE NESSUS PROJECT

The canonical places where you will find more information about the Nessus project are:

http://www.nessus.org/ (Official site)
http://cvs.nessus.org/ (Developers site)

AUTHORS

The Nessus Project was started and is being maintained by Renaud Deraison <deraison@cvs.nessus.org>. The nessusd server is mainly Copyright (C) 1998-2001 Renaud Deraison, as well as the attack modules.

Several other people have been kind enough to send patches and bug reports. Thanks to them.

Search for    or go to Top of page |  Section 1 |  Main Index


The Nessus Project NESSUS (1) February 2003

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.