On Wed, Apr 06, 2005 at 05:16:19PM +0200, David wrote: > - is it possible to create an independent gui and call > plugins located in the nessusd server? Some of the plugins can be run from a commandline using the nasl interpreter. Many, though, require access to KB entries, which the commandline nasl tool doesn't support. [Note: Pavel Kankovsky posted some patches to nessus-devel about a year ago to support that. I never used them myself and don't know if they will work with the current version.] > - all the traffic generated by nessus is malicious? i mean > , is there any "good" packet during an attack? Is sending "GET /" to a web server malicious? Many plugins rely on such requests to check for banners of vulnerable software. Others login into remote hosts using accounts that have been set up by administrators for the purpose of collecting information locally (eg, running "rpm -qa" on a RedHat system). Is such traffic malicious? The answer is not as simple as you'd like it to be, I suspect. George -- theall@private _______________________________________________ Plugins-writers mailing list Plugins-writers@private http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2.1.3 : Wed Apr 06 2005 - 17:35:51 PDT