Fedora Security :: Nessus - Nessusd Returned An Empty Report
May 25, 2009
After running
Code:
nessus-fetch --register <Activation Code>
I got
Code:
nessus-update-plugins could not be found in your $PATH
When I try to run a scan on localhost I get the message "nessusd returned an empty report".
Here's the entry in nessusd.messages
Code:
[Mon May 25 00:30:03 2009][13188] user mickey.harvey : testing 127.0.0.1 (127.0.0.1) [13189]
[Mon May 25 00:30:04 2009][13189] Finished testing 127.0.0.1. Time : 0.03 secs
[Mon May 25 00:30:04 2009][13188] user mickey.harvey : test complete
[Mon May 25 00:30:04 2009][13188] Total time to scan all hosts : 1 seconds
[Mon May 25 00:30:04 2009][13188] user mickey.harvey : Kept alive connection
I would like to get the scan working and make sure that nessus is updating the plugins. I have been looking though the nessus documentation and tried searching on Goggle without any success.
View 1 Replies
ADVERTISEMENT
May 7, 2010
I am using nessus to evaluate the security of a web server. I have started up the nessus daemon on the server, here's the netstat output:
Code:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:ldap *:* LISTEN 3565/slapd
tcp 0 0 *:mysql *:* LISTEN 4026/mysqld
tcp 0 0 *:pop3 *:* LISTEN 3584/xinetd
tcp 0 0 *:sunrpc *:* LISTEN 3463/portmap
tcp 0 0 *:www-http *:* LISTEN 13855/httpd2-prefor
tcp 0 0 *:ssh *:* LISTEN 3577/sshd
tcp 0 0 *:nessus *:* LISTEN 6118/nessusd: waiti
tcp 0 0 *:smtp *:* LISTEN 3636/master
tcp 0 0 *:https *:* LISTEN 13855/httpd2-prefor
udp 0 0 *:sunrpc *:* 3463/portmap
It's listening on the default nessus port 9390. I am trying to connect to the nessus server instance using Open-VAS Client. I have generated the client and server certificates, I have pointed the client at the User Certificate File, the User Key File and I have a CA cert. I have created a user account on the nessus server. The problem is that when I try and log in from the Open-VAS client it keeps saying it can't connect. Is there anywhere I can check to see if it's being caught in a firewall, or where I can see if the connection is even making it to the server..
View 4 Replies
View Related
May 12, 2009
have a script that will report whenever a file is copied? Some useful information would be the time/date, user, and destination whenever a file is copied. I've looked into the stat command, but it does not distinguish between copy and access.
View 4 Replies
View Related
Jan 25, 2011
I've been trying to make sense out of this error report. I get it every once in a while on startup of my machine.
Code:
Summary:
SELinux is preventing /usr/sbin/ntpd access to a leaked netlink_route_socket
file descriptor.
Detailed Description:
[ntpd has a permissive type (ntpd_t). This access was not denied.]
SELinux denied access requested by the ntpd command. It looks like this is either a leaked descriptor or ntpd output was redirected to a file it is not allowed to access. Leaks usually can be ignored since SELinux is just closing the leak and reporting the error. The application does not use the descriptor, so it will run properly. If this is a redirection, you will not get output in the netlink_route_socket. You should generate a bugzilla on selinux-policy, and it will get routed to the appropriate package. You can safely ignore this avc.
Allowing Access:
You can generate a local policy module to allow this access - see FAQ [URL]
Additional Information:
Source Context system_u:system_r:ntpd_t:s0
Target Context system_u:system_r:firstboot_t:s0
Target Objects netlink_route_socket [ netlink_route_socket ]
Source ntpd
Source Path /usr/sbin/ntpd
Port <Unknown>
Host localhost.localdomain
Source RPM Packages ntp-4.2.6p2-7.fc14
Target RPM Packages
Policy RPM selinux-policy-3.9.7-3.fc14
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Plugin Name leaks
Host Name localhost.localdomain
Platform Linux localhost.localdomain 2.6.35.6-45.fc14.i686
#1 SMP Mon Oct 18 23:56:17 UTC 2010 i686 i686
Alert Count 1
First Seen Fri 21 Jan 2011 02:01:09 AM PST
Last Seen Fri 21 Jan 2011 02:01:09 AM PST
Local ID fb73799a-8d3c-4d9a-8c06-a0c1b6d4814e
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1295604069.730:15): avc: denied { read write } for pid=1731 comm="ntpd" path="socket:[14643]" dev=sockfs ino=14643 scontext=system_u:system_r:ntpd_t:s0 tcontext=system_u:system_r:firstboot_t:s0 tclass=netlink_route_socket
node=localhost.localdomain type=SYSCALL msg=audit(1295604069.730:15): arch=40000003 syscall=11 success=yes exit=0 a0=8a1ad60 a1=8a1b040 a2=8a1b2c8 a3=8a1b040 items=0 ppid=1730 pid=1731 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ntpd" exe="/usr/sbin/ntpd" subj=system_u:system_r:ntpd_t:s0 key=(null)
View 2 Replies
View Related
Feb 2, 2010
For a month or so now, I have been enabling ssh and opening port 22. I cron'ed the start and stop commands to leave them open only a few hours a day. After a bit, I checked my logs to find that some IP or another was attempting to brute force my root account.
I took little real threat by the offense.
(1) my system does not allow root to login and
(2) it would cut them off sooner than later when my system issued the stop command.
fast forward
Today I log in to find that all of my log files, as viewed from the gnome log file viewer, were empty of entries from about noon yesterday and prior.
Though I haven't noticed anything at all out of the ordinary with my system, I would like to get more opinions on the matter. Would there be any conceivable way that this was an automatic system routine, a clean up action of something? Additionally, if I was indeed the victim of a hack, what can I do to further protect my system (keeping in mind that I do want to access my system via ssh from time to time)?
View 4 Replies
View Related
Feb 6, 2010
Everytime I login the SELinux Troubleshooter panel applet alerts me that I have 1 alert to view, however when I click on the icon and bring up the Troubleshooter there are no alerts
View 2 Replies
View Related
Mar 24, 2010
Fedora 12
Nessus: 2.2.11-5
Authent: using passwrd
Client: GTK version
User: added with no rules
nessus-mkcrt: has been ran
Hosts.allow: hole made for localhost to nessusd with nessusd:127.0.0.1 (this took care of my ssl error)
Upon trying to log into daemon I get the cert then prompted with failed login. I am also not getting anything showing up in my logviewer (gnome). For most other daemons I have had them automagicaly pop up (denyhosts for example) how can I get nessus to show up as well.
View 1 Replies
View Related
Jan 20, 2011
I can see my Suse 11 severs, ftp to it and sit up share folder but can't login as user from workstation as users. It IBM eServer 235 2X3.8Ghz Xeon, 6GB of memory with 6X73.6 Hard Drive got this message error; The following security events occurred since Thu Jan 20 19:29:40 2011:
type=APPARMOR_DENIED msg=audit(1295580702.142:653): operation="inode_permission" requested_mask="r::" denied_mask="r::" fsuid=0 name="/var/lib/samba/unexpected.tdb" pid=4873 parent=1 profile="/usr/sbin/nscd"
type=APPARMOR_DENIED msg=audit(1295580702.234:654): operation="inode_permission" requested_mask="r::" denied_mask="r::" fsuid=0 name="/var/lib/samba/unexpected.tdb" pid=4873 parent=1 profile="/usr/sbin/nscd"
Charles E. Hightower
Ht280@yahoo.com
charles@santech.net
Charles E. Hightower - LinkedIn
View 1 Replies
View Related
Jul 13, 2011
I am running KDE4 on Debian Squeeze. Networkmanager works fine, for both WEP and WPA. Connects automatically etc, no problem. The only problem exists when I want to connect to a WEP network which has an empty security key. I used to be able to connect before I used networkmanager using iwconfig and specify iwconfig wlan0 key off. I tried in networkmanager to specify both no security and WEP with an empty passkey. However, none works. Is there maybe somewhere a setting which precludes connecting because it is considered unsafe?
View 5 Replies
View Related
Sep 9, 2010
Is there a way to securely empty the trash bin without the need to type some shred command into consoles. My intentions is to be able to securely delete files when the 'Empty Trash' is used so to save the trouble of going to a console and doing some commands using shred.
View 5 Replies
View Related
May 24, 2010
I don't know whether this is a bug or feature. But I find the fact that the Trash in Gnome doesn't delete trashinfo files a security liability.
I found in ./local/share/Trash/info thousands of .trashinfo files named exactly like the files deleted and each one contains the date of deletion.
I thought when I empty the trash bin every record of the files were removed. I understand that there are forensic ways to recover data and rm isn't very secure with journaled file systems, but forensic recovery isn't 100% and if the disk is written over several times the data is gone.
Here you have a permanent list of all the files you've deleted, without you knowing and the dates of deletion. IMO that's too much information.
Update: Weird after removing the files manually and then trying to delete files again using the trash I found no .trashinfo files, this time. So they were probably leftover files, but they didn't have a different owner/permission. Could this have been an issue and now fixed? (running Lucid)
View 1 Replies
View Related
Feb 19, 2011
i want to install Nessus gui by using yum .HOw to Play with it .i want to conduct
Vulnerability assessments on the victim machine/ip.Can we use it for online scaning.if yes ?then how to perform ?
View 3 Replies
View Related
Nov 4, 2010
On my FC14 in /var/log/message i have a lot of erroe about rt_ioctl ..
[Code]....
View 1 Replies
View Related
Aug 26, 2011
I have a machine that I want to install Nessus on it.
Nessus supports many Operating Systems:
Microsoft Windows
Mac OS X
Linux
FreeBSD
The full list is here: [URL]... What would the best OS to install Nessus on for performance be?
View 1 Replies
View Related
Jun 28, 2010
I successfully installed the nessus. It was .deb file . first of all, I type
"sudo dpkg -i Nessus-4.2.2-ubuntu910_amd64.deb".
The output of this command was "You can start nessusd by typing /etc/init.d/nessusd start"
That's why I type that command and I get " $Starting Nessus : ." There is nothing like interface of this software, when I try to search GUI from synaptic package manager. So What should I do ?
View 3 Replies
View Related
Sep 12, 2010
I am using a fully updated fedora 13 64-bit system and when i run make on xoscope i get the following error:
collect2: ld returned 1 exit status
I have already installed all of the prereqs. And the configure went without errors.
View 9 Replies
View Related
May 17, 2010
I've been having problems with pdf files made using latex (dvi->ps->pdf). I found a reported bug in bugzilla by searching the error message and made a comment. The 'problem' is that the bug is filed under evince, but I'm pretty sure it is in ghostscript. Should I file another bug in the ghostscript section, or will the clever people at bugzilla work it out once they get round to this particular bug (it's marked as low priority)?
The bug report can be found here[URL]..The bug is more annoying than anything else, so any advice is welcome.
View 1 Replies
View Related
Nov 4, 2010
I want to install nessus. I run the following in the terminal:
sudo apt-get install nessus
I get a message that the package is not available and anther package replace it. However I am interested in nessus and not in openvas-client (the other package). So how can I get the nessus package.
View 5 Replies
View Related
Jun 30, 2011
Whether NessusCleint and Nessus Server are available as two different packages or they have been merged into a single package.
Earlier there used to be 2 diff packages one for Nessus Cleint and other for Server. But now i was not abel to find any package for clinet and in the only package thats available on nessus.org also does not contain any cleint in it.
View 6 Replies
View Related
Sep 22, 2010
I have a backtrack distro on a usb stick. I wish to do the following :-
(a) Partition the usb stick to have a ext3 filesystem, so that the instln may be persistent for the changes. But the fdisk utility creates partitions as dev/sdb1p1 and /dev/sdb1p2. These however, could not be accessed by mkfs utility. How to overcome this problem.
(b) Next , I downloaded the nessus .lzm file and put it in the /base/module dir. But unable to start the nessus daemon. It suggests an error regarding unable to create /opt/nessus and /etc/nessus/nessusd.conf. I think starting nessus as root would help but the problem persists!
View 1 Replies
View Related
Mar 18, 2011
I finnaly put my hand on a mini-itx board with the AMD E-350 2 cores Zacate CPU with ASROCK E350M1 E350 A50M R with 4 GB ram. I installed fedora 14 64 bits first, than 32 bits lastly and in both case, linux fedora 14 reported only 2.6GB of my 4GB ram. On the bios, I read 4096MB with 384MB shared.
I booted a cd with memtest86 V4.20, and it reported 3709MB of ram, that seems ok. under linux fedora 14: free -m, show: 2637MB, under monitor, we can read, 2.6GiB
View 14 Replies
View Related
Feb 8, 2010
Is is possible to create a report which contains every Disk usage status, Exim mail q , and etc and generate it into the excel files monthly.
View 4 Replies
View Related
Sep 15, 2010
I am using nessus 4.2.2. When running with command line:
nessus -q -x -T html 127.0.0.1 1241 myUser myPassword listTarget.txt output.txt
1241 is default port of nessus
The error throw out:
nessus : Could not open a connection to 127.0.0.1
But when I running nessus GUI by browser with localhost on port 8834 is ok.
View 1 Replies
View Related
Mar 27, 2010
chroot in two mini distros (Tiny Core and SliTaz): chroot jail appears 'blind'. Chroot can't find any files in the jail and exit with error code. Example (ugly):
Code:
# mkdir /mnt/test
# mkdir /mnt/test/bin
# mkdir /mnt/test/dev
# mkdir /mnt/test/proc
# mkdir /mnt/test/lib
# mount /dev/hdb1 /mnt/test
# mount -t proc none /mnt/test/proc
[Code]...
chroot: cannot execute /bin/bash: No such file or directory Where is the problem?
View 4 Replies
View Related
Oct 25, 2009
I don't know what bugzilla wants to know. I tried to create a new report, but I failed at the first page/question. THe page ask me to enter a classification. But I don't know want that could be. I check multible times but I got always just a big red EM. What's to enter at 'named tag' and at 'to bugs'?
View 4 Replies
View Related
Jun 30, 2010
I've been running Fedora since core 6, am on 13 now, always with KDE. I upgraded but also did fresh installs.I'm typing, in oo.org, Kile or Kate. Suddenly, without warning, the File menu is selected - mind you, without me clicking the mouse or pressing alt-F or anything. Just typing text.
Or how about this: I'm typing again. All of a sudden the direction changes from the normal left to right to the Hebrew right to left. I think I only pressed ctrl-s to save... Did I?
I can't reproduce any of it, although it seems to be related to Kate based editors and using alt-tab to switch windows. Like the alt key hangs digitally. Is it Linux, Fedora, KDE or Kate? (it can't be the computer, this has happened to me on several distinct machines) Where do I report this, to get a fix?
View 3 Replies
View Related
Jul 16, 2010
when i am prompted to send a bug report i am given two choices. either i ll use bugzilla or logger. which one should i be using?
View 2 Replies
View Related
Jan 29, 2011
I don't need to be advised if a printer job failed on my screen. I am sitting beside the printer. I know someone needs that feature but how do I turn it off.What software is responsible for putting a printer icon up and then giving me this output? And will that software accept a request to change the default behavior?
View 3 Replies
View Related
Oct 28, 2010
just installed Fedora 13 on a pentium 4 laptop by Dell, with 1 Gb RAM.
As I opt for Compiz, it cannot start, there is a black pop up saying Crash, and some numbers follow. How can this be fixed?
Should I install KDE?
Is there an update of software?
I can opt for Compiz but worry that it will be faulty. That is the second attempt also produced the crash warning pop up but gave me the option of keeping it or going back after about twenty seconds, with the figures on the screen. I played it safe. Also can I try it, and manually go back?
Error report shows Compiz killed by Signal 11 SIGSEGV, this was added after post 9.
View 13 Replies
View Related
Nov 20, 2010
after some tweaking i managed to get nessus installed on my machine. However i'm running into an issue when trying to add a user.The nessus daemon is running on my machine, i've registered. I think everything is peachy in that regard, but when i run:
Code:
zachadmin@ubuntu:~$ sudo /etc/init.d/nessusd restart
$Shutting down Nessus : .
$Starting Nessus : .[code].....
Obviously the command not found is my error, from what i understand there isn't a default user placed in the first time.So essentially i have thie program installed, but i can't access it.
View 1 Replies
View Related
