RE: Periodic Scan with nessus?

["John Scherff" <JScherff@24hourfit.com>]

>> How we can set nessus to do periodic scan and save report in specific folder after every scan with specific name and overwrite existing report?

 

Nitin:

 

Use a cron job. 

 

The below instructions assume you have Nessus Server 3.0.4 and NessusClient installed on a *nix box in the default locations.  It will generate both an NBE file and an HTML report every month at Midnight on the first Sunday, over-writing the result file and report from the previous month.

 

Step 0: create a directory structure similar to the following (just an example… create it however/wherever you want):

 

/opt/Nscans/configs – to hold configuration stuff

/opt/Nscans/targets – to hold scan target files

/opt/Nscans/scripts – to hold scripts you write

/opt/Nscans/results – to hold raw scan results (NBE files)

/opt/Nscans/reports – to hold scan reports (e.g., HTML files)

 

Step 1: create a file (e.g., /opt/Nscans/targets/prod_servers.txt) containing the targets you want to scan, each separated by a newline; for example:

 

192.168.1.2-192.168.1.254

192.168.2.129-192.168.1.254

Myhost.myorg.com

192.168.3.75

 

Step 2: copy an existing .nessusrc file (usually found somewhere under $HOME/.nessus) to /opt/Nscans/configs/prod_servers.cfg, tweak it as desired.

 

Step 3: Create a nessus user and password using /opt/nessus/sbin/nessus-adduser (e.g., Nscan_User / N5c4n_U53r)

 

Step 4: create a script named (for example) prod_servers.sh in /opt/Nscans/scripts:

 

#!/bin/sh

 

NCMD=/usr/local/bin/NessusClient

 

NHOST=myhost.myorg.com

NPORT=1241

NUSER=Nscan_User

NPASS=N5c4n_U53r

 

NCONFIG=/opt/Nscans/configs/prod_servers.cfg

NTARGET=/opt/Nscans/targets/prod_servers.txt

NRESULT=/opt/Nscans/results/prod_servers.nbe

NREPORT=/opt/Nscans/reports/prod_servers.html

 

$NCMD –c $NCONFIG –T nbe –xq $NHOST $NPORT $NUSER $NPASS $NTARGET $NRESULT

$NCMD –i $NRESULT –o $NREPORT

 

Step 5: Create a crontab entry similar to the following (this will run the scan at midnight on the first Sunday of every month):

 

00 00 * * Sun  [`date +\%d` -lt 8] && /opt/Nscans/scripts/prod_servers.sh

 

Note: You will have to do something to keep the copied nessusrc file up-to-date with current plugins.  George Theall's update-nessusrc perl script is a good choice, and he keeps it current.

 

John Scherff

Sr. IT Security Analyst

24 Hour Fitness

 

 

---

From: nessus-bounces@list.nessus.org [mailto:nessus-bounces@list.nessus.org] On Behalf Of Shingari, Nitin V.
Sent: Sunday, January 14, 2007 7:29 PM
To: nessus@list.nessus.org
Subject: Periodic Scan with nessus?

 

Hi folks,

 

How we can set nessus to do periodic scan and save report in specific folder after every scan with specific name and overwrite existing report?

 

Warm Regards

Nitin Shingari

nvshingari@ipolicynetworks.com

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus