Nessus Server Status Stays UNKNOWN
Installed version 1.9.2.014 (from SVN) and the status of my nessus scanner stays UNKNOWN.
Crontab Entries:
40 3 * * * /opt/Inprotect/sbin/updateplugins.pl
*/1 * * * * /opt/Inprotect/sbin/port_scan.pl
*/1 * * * * /opt/Inprotect/sbin/nessusCron.pl -s > /dev/null 2>&1
00 2 * * * /opt/Inprotect/sbin/maintenance.pl > /dev/null 2>&1
tail -100 /opt/Inprotect/var/log/nessus_cron2.log
Look for some additional perl modules that may be missing.
DateTime is a new requirement. Some distros have a few modules installed that are required and I haven't yet identified them on the list. The log should identify why it isn't running. The script in the normal condition updates the status of the servers before starting any scans every 5 minutes.
That log does not exist. I tried running the nessusCron.pl script with the -s argument (as it is in the cron job) and I get an invalid argument error message. Reviewing the script, I don't see this as an option.
Ok, here is the problem. Between 1.0 and 1.9+ (2.0), I changed the backend code a little bit to have fewer switches used and better name some of them.
In 1.0:
nessusCron.pl -s (would make it run using the scanlite perl module to talk to the nessus server)
nessusCron.pl -c (would make it run using the nessus client to talk to the nessus server)
In 1.9 the switch to use is now -m (mode); valid values are "client" or "scanlite".
It appears I overlooked this issue in my latest build. Crontab should be as follows:
*/1 * * * * /opt/Inprotect/sbin/nessusCron.pl -m client > /dev/null 2>&1
After that the log should then exist and can identify potential missing perl modules within the first few runs.
To test it, su to root and then run:
/opt/Inprotect/sbin/nessusCron.pl -m client -d # -d is debug full logging
If the scan starts but fails due to additional perl modules needed, you will need to do:
/opt/Inprotect/sbin/nessusCron.pl -r yes ( cleans up system - reset. Should not reset the scanner counts running status when scans are running. )
Ken
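
The switch change described in this thread, as an added example that is not part of the original posts or the Inprotect code: a small filter that finds crontab lines still using the 1.0 switches and rewrites them to the 1.9 form. The function names and the sample crontab are constructed for illustration; the mapping (-s to "-m scanlite", -c to "-m client") follows the descriptions above, while the line suggested in the thread uses client mode.

```sh
#!/bin/sh
# Added example: migrate legacy nessusCron.pl switches in crontab text.
# Mapping from the thread: -s => -m scanlite, -c => -m client.

# Constructed sample, based on the crontab entries quoted in the thread.
sample_crontab() {
    cat <<'EOF'
40 3 * * * /opt/Inprotect/sbin/updateplugins.pl
*/1 * * * * /opt/Inprotect/sbin/port_scan.pl
# */1 * * * * /opt/Inprotect/sbin/nessusCron.pl -c
*/1 * * * * /opt/Inprotect/sbin/nessusCron.pl -s > /dev/null 2>&1
00 2 * * * /opt/Inprotect/sbin/maintenance.pl > /dev/null 2>&1
EOF
}

# Reads crontab text on stdin. $1 = "fix" prints the migrated crontab,
# $1 = "count" prints how many active lines still use a legacy switch.
nessuscron_scan() {
    awk -v mode="$1" '
    # Comment lines and unrelated jobs pass through unchanged.
    /^[ \t]*#/ || !/nessusCron\.pl/ { if (mode == "fix") print; next }
    {
        seen = 0; hit = 0
        for (i = 1; i <= NF; i++) {
            if ($i ~ /nessusCron\.pl$/) { seen = 1; continue }
            if (!seen) continue                 # still in the schedule fields
            if ($i ~ /^[0-9]*[|>&;]/) break     # redirection or pipe: arguments end here
            if ($i == "-s")      { $i = "-m scanlite"; hit = 1 }
            else if ($i == "-c") { $i = "-m client";   hit = 1 }
        }
        legacy += hit
        if (mode == "fix") print
    }
    END { if (mode == "count") print legacy + 0 }'
}

migrate_nessuscron() { nessuscron_scan fix; }
count_legacy()       { nessuscron_scan count; }

# Demonstration on the constructed sample.
echo "legacy lines: $(sample_crontab | count_legacy)"
sample_crontab | migrate_nessuscron
```

To check a live crontab without changing it, pipe `crontab -l` into `count_legacy`; review the output of `migrate_nessuscron` before installing it.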