On Tue, 2004-03-16 at 19:42, cikasole wrote:
On Tue, 2004-03-16 at 18:49, cikasole wrote:
On Tue, 2004-03-16 at 18:26, Jeffrey L. Taylor wrote:
Quoting cikasole
: [snip] Unfortunately, I discovered that there seem to be something broken among the three: nmap 4.50, nessus 2.0.10 and the kernel distributed with SuSE 9.0. | | oops - it's nmap 3.50 ---|
Have you tried the nmap and nessus that come with 9.0? I did this last week and it worked fine. This week I upgraded that machine to the 9.1 beta so I can't provide details.
Jeffrey
Actually, I did not. I never install these two from SuSE distribution, since they are always outdated at the time I receive my SuSE box. I always used the sources from home pages, and never had problems, really.
Now, I'll try your advice. Thank you for so prompt answer.
I just installed and tried the nmap and nessus that came with 9.0. Well, it's not that they don't work, but I'd say they behave strangely. Sometimes, the scan just finishes without actual scan - it gives an *empty* report. Another time it looks like they're working. It depends on some scan options, but the behavior is not consistent. It's more like random. E.g. if I choose any scan option in addition to "nmap" and "snmp port scan" it won't work. Also if I play with nmap section in "Prefs" tab, it stops working (or starts again). It is almost the same show that I had with nmap 3.50 and nessus 2.0.10a.
The problem is that I can't trust the tool like this, even if it produces a report - how to tell that it's ok. I still look forward to some more hints. I just can't believe that such a powerful and valuable tool can be so broken, with no reason, after so many successful versions. Or, is it really the SuSE 9.0 kernel, as some pointed?
Don't kill the thread, please.
Anybody?
cikasole
OK, seems I talk to myself through the SLE list. Well, it seems that there's no solution for this problem. Anyway, the best I managed up to now is the following: First remove nmap and nessus and install packages from SuSE CD/DVD-s . Then take updates - rpm files from SuSE and freshen the installation. There are patch rpm for nmap and rather new rpms for nessus on the SuSE server. Namely, the files are under this link: http://ftp.leo.org/download/pub/comp/os/unix/linux/suse/suse... The names of the files I used are: libnasl-2.0.7-40.i586.rpm nessus-core-2.0.7-56.i586.rpm nessus-libraries-2.0.7-42.i586.rpm nmap-3.30-70.i586.patch.rpm It works now much more consistent, although not perfect yet. E.g, one must not use other scan prefs than "nmap" and "snmp", and also must not use "enable dependencies at run-time" for plug-ins. There's more to this I'm afraid, I just did not try all combinations for now. I am ready to settle with this for the moment. Of course, I do not trust this solution enough to use it in the forthcoming audit. I'll take another laptop (SuSE 8.1) with me, to use it as a reference system. BTW, it's so strange, I expected more nmap/nessus experience to show up in this thread. Or it's just my timezone. Let's wait and see. cikasole