inprotect-users Mailing List for Inprotect
Brought to you by:
greg_k,
mjbrenegan
You can subscribe to this list here.
2003 |
Jan
(2) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(18) |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2004 |
Jan
(1) |
Feb
(36) |
Mar
(57) |
Apr
(24) |
May
(24) |
Jun
(31) |
Jul
(28) |
Aug
(8) |
Sep
(9) |
Oct
(17) |
Nov
(138) |
Dec
(77) |
2005 |
Jan
(125) |
Feb
(101) |
Mar
(25) |
Apr
(31) |
May
(6) |
Jun
(15) |
Jul
(14) |
Aug
(31) |
Sep
(19) |
Oct
(11) |
Nov
(3) |
Dec
(2) |
2006 |
Jan
(5) |
Feb
(2) |
Mar
(6) |
Apr
(1) |
May
(5) |
Jun
|
Jul
(18) |
Aug
(37) |
Sep
(36) |
Oct
(54) |
Nov
(5) |
Dec
(34) |
2007 |
Jan
(3) |
Feb
(27) |
Mar
(39) |
Apr
(30) |
May
(33) |
Jun
(4) |
Jul
(12) |
Aug
(13) |
Sep
(11) |
Oct
(36) |
Nov
(104) |
Dec
(24) |
2008 |
Jan
(20) |
Feb
(12) |
Mar
(6) |
Apr
(8) |
May
(78) |
Jun
(88) |
Jul
(40) |
Aug
(40) |
Sep
(18) |
Oct
(25) |
Nov
(17) |
Dec
|
2009 |
Jan
|
Feb
|
Mar
(4) |
Apr
(3) |
May
(8) |
Jun
(3) |
Jul
|
Aug
|
Sep
(2) |
Oct
(2) |
Nov
(4) |
Dec
(7) |
2010 |
Jan
(3) |
Feb
(5) |
Mar
(3) |
Apr
(16) |
May
(3) |
Jun
(4) |
Jul
(3) |
Aug
(3) |
Sep
(2) |
Oct
|
Nov
(2) |
Dec
|
2013 |
Jan
|
Feb
|
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
From: Isac B. <pi...@ya...> - 2010-11-03 16:56:41
|
Sorry, ya'll I figured this one out. I'm a complete moron. I some how did not notice the link for 'Show all results' and 'Display only my Results'. At some point it got flipped to 'Display only my Results'. I.B. "top posting cause yahoo makes me..." --- On Mon, 11/1/10, Isac Balder <pi...@ya...> wrote: > From: Isac Balder <pi...@ya...> > Subject: Results not displaying properly > To: inp...@li... > Date: Monday, November 1, 2010, 12:27 PM > All, > > I'm running 1.00Final on Fedora. > > Came in today and while showing one of our new hires how to > use the system realized that the nessus results are not > displaying properly. > > Server has been up for 50 days and made no changes to the > system config. > > Initially no reports were being displayed except for one > scan back in June. > After running './sbin/nessusCron_1.60.pl -r yes' the > general list of results came back for Admin. But still > cannot get reports to display for other users. > > Is there any maintenance steps I'm missing here? > Purge is set for the default 180 days and have not been > using the system that long yet, so purge should not be the > issue. Also I can still see all the results and > reports in the DB when accessing mysql directly. > > Any ideas? > > Thanks > > I.B. > > "top posting cause yahoo makes me..." > > > > > > |
From: Isac B. <pi...@ya...> - 2010-11-01 16:28:22
|
All, I'm running 1.00Final on Fedora. Came in today and while showing one of our new hires how to use the system realized that the nessus results are not displaying properly. Server has been up for 50 days and made no changes to the system config. Initially no reports were being displayed except for one scan back in June. After running './sbin/nessusCron_1.60.pl -r yes' the general list of results came back for Admin. But still cannot get reports to display for other users. Is there any maintenance steps I'm missing here? Purge is set for the default 180 days and have not been using the system that long yet, so purge should not be the issue. Also I can still see all the results and reports in the DB when accessing mysql directly. Any ideas? Thanks I.B. "top posting cause yahoo makes me..." |
From: Paul R. <el...@gm...> - 2010-09-18 13:20:57
|
Hi, I've just recently been getting this error in the updateplugins.log file. It says 'Begin Dump Plugins', then updateplugins.pl fails saying it can't connect to nessusd and I get an error from updateplugins.pl saying 'Failed Dump Plugins". Nessus doesnt restart according to nessusd.messages while this is going on? It also dumps an empty plugins.sql file in my Inprotect tmp folder. It has always worked fine for months. Anything I can check? Running Nessus 4.0.1 and Inprotect 1.00final. Regards Roch |
From: Fiorenzi A. <ale...@in...> - 2010-09-02 17:12:03
|
Hi, I have followed Inprotect from many years and now that I have time to test I have installed it. It' seems very good and should be but I see too many things in configuration about which I do not know how can tune for my use. Is there a detailed manual where to study how to tune all configuration feature? Thanks Prima di stampare, pensa all'ambiente ** Think about the environment before printing ________________________________ Il presente messaggio, inclusi gli eventuali allegati, ha natura aziendale e potrebbe contenere informazioni confidenziali e/o riservate. Chiunque lo ricevesse per errore, ? pregato di avvisare tempestivamente il mittente e di cancellarlo. E' strettamente vietata qualsiasi forma di utilizzo, riproduzione o diffusione non autorizzata del contenuto di questo messaggio o di parte di esso. Pur essendo state assunte le dovute precauzioni per ridurre al minimo il rischio di trasmissione di virus, si suggerisce di effettuare gli opportuni controlli sui documenti allegati al presente messaggio. Non si assume alcuna responsabilit? per eventuali danni o perdite derivanti dalla presenza di virus. *** This email (including any attachment) is a corporate message and may contain confidential and/or privileged and/or proprietary information. If you have received this email in error, please notify the sender immediately, do not use or share it and destroy this email. Any unauthorised use, copying or disclosure of the material in this email or of parts hereof (including reliance thereon) is strictly forbidden. We have taken precautions to minimize the risk of transmitting software viruses but nevertheless advise you to carry out your own virus checks on any attachment of this message. We accept no liability for loss or damage caused by software viruses. For the conduct of investment business in the UK, the Company is authorized by Bank of Italy and regulated by the Financial Services Authority. |
From: Kenneth K. <ken...@gm...> - 2010-08-17 01:26:24
|
On Monday, August 16, 2010 10:13:17 am Hai...@in... wrote: > applicable rules and regulations, Instinet > reviews and archives incoming and outgoing email communications, > copies of which may be produced at the request of regulators. > This message is intended only for the personal and confidential Currently not from an automated stand point. Here is the means to do so, per the following requirements 1. If you have the same version running on both servers 2. per the destination you want the exact profiles of the first server If profiles exist on the second that did not on the first and you do not want to loose them, there is no easy way currently, I managed them by hand. Anyway say the first two options were satsifactory do the following you can use phpMyAdmin and use the export feature; using default format sql check the option to drop the table before creating it on the second db and export the all tables with "*policy*"in the name. you can save can have it save them to a file then on remote server mysqldump -p <dbname> > <path_to_save_a_backup> use mysql -p <dbname> <path_to_sql_to_import> |
From: Hai.Nguyen@Instinet.com - 2010-08-16 14:28:46
|
Is there a way to copy the profile for plug-in to another Inprotect server? This it the nessus scan profile from menu Admin -> Nessus Policy. I am running Inprotect v 1.9.3.002 with Nessus 4.2 on SuSE 11.2 ***************************************************************** <<<Disclaimer>>> In compliance with applicable rules and regulations, Instinet reviews and archives incoming and outgoing email communications, copies of which may be produced at the request of regulators. This message is intended only for the personal and confidential use of the recipients named above. If the reader of this email is not the intended recipient, you have received this email in error and any review, dissemination, distribution or copying is strictly prohibited. If you have received this email in error, please notify the sender immediately by return email and permanently delete the copy you received. Instinet accepts no liability for any content contained in the email, or any errors or omissions arising as a result of email transmission. Any opinions contained in this email constitute the sender's best judgment at this time and are subject to change without notice. Instinet does not make recommendations of a particular security and the information contained in this email should not be considered as a recommendation, an offer or a solicitation of an offer to buy and sell securities. ***************************************************************** |
From: Isac B. <pi...@ya...> - 2010-08-11 16:19:58
|
Using Inprotect v1.00final While editing a scan profile under ServerPrefs there are two options for max hosts 'max hosts''max_hosts' Is there a difference here? Is 'max hosts' a valid option? I'm not aware of this being used by nessus.Or is this simply a typo in the app? I.B. "top posting cause yahoo makes me..." |
From: Daniel D. <dd...@ma...> - 2010-07-07 11:43:38
|
Ken, Thanks for the reply. I'll keep tabs on the project and we'll run with 1.9.3.002 and see how it goes. I'll let you know how it works - Dan ________________________________________ From: Kenneth Kline [ken...@gm...] Sent: Tuesday, July 06, 2010 7:58 PM To: Inprotect Users : General questions & announcements Subject: Re: [Inprotect-users] 1.9.3.002 build is on the svn Dan, 1.9.3.002 is the most recent tested build. I have been in the process of switching jobs and have not had much free time to work on trying to capture / test a new build. I do want to wrap up some key issues and get out a good build will many needed fixes, that were not in 1.9.3.002 due to lack of time. Ken On Tuesday 06 July 2010 02:21:32 pm Daniel Didier wrote: > Hello, Ken. We're just digging into this now; is your recommendation still > the same on which version to run? > > We just got the CentOS 5.5 box built and ready to install... Keep in mind, > we will use the professional feed. > > Thanks for your help, > Dan > > ________________________________________ > From: Kenneth Kline [ken...@gm...] > Sent: Wednesday, April 28, 2010 7:06 PM > To: Inprotect Users : General questions & announcements > Subject: Re: [Inprotect-users] 1.9.3.002 build is on the svn > > Dan, > > I have done most of all my work to date on Either Redhat EL5 or > CentOS 5.2+. > > >From a test perspective, I have alway built the servers up using a minimal > > install, uncheck everything per customize now ( I.E nothing selected NO GUI > ). I hate having up continually update, minimal install I can go about a > month between downtime / reboots for patches. > > Also minimal install allows me to better capture what is needed for the > App. > > RH EL5 does not get SSHD out of the box on the minimal, then have to added > the rhn / yum to get license and feed to where can use yum list/install to > get all the additional requirements met. > > Centos 5 per minimal yum is working out of the box / sshd too. Doesn't > take long to build up from there. > > per /opt/Inprotect/install/documentation/distro_notes/ look for centos > > should be fairly accurate, few new dependancies such as phpExcel > > > If interested in running Zend Server 5.3 CE instead of included > apache/php/pear/etc takes a little work easier from bare metal install as I > do. > > I have currently using Zend Server 5.3 CE for all the latest php 5.3 > functions, It takes some work research to get pear to work on it. Plus I > like to keep /usr/bin/pear /usr/bin/php available so if you go that route > will have to link to /usr/local/zend/bin/pear and php > > adding phpmyadmin /etc per RPM requires adding Sourceforge to yum repos > > I will try and document this process sometime too. > > Ken > > On Wednesday 28 April 2010 09:43:22 am Daniel Didier wrote: > > Ken, > > Thanks for the detailed response; it is greatly appreciated as is your > > development on this project. The features that you mention will be very > > valuable and we will look forward to their release. Anything you can do > > to reduce the development time would be a big plus. > > > > One last question: Do you have any recommendations for running this on a > > CentOS setup? Is there any reason not to use the latest 5.4 release? > > > > Thanks again, > > Dan > > > > > > > > From: Kenneth Kline > > Sent: Tue 4/27/2010 5:53 PM > > To: Inprotect Users : General questions & announcements > > Subject: Re: [Inprotect-users] 1.9.3.002 build is on the svn > > > > > > Dan, > > > > I wanted to push to get it out prior to new years. I have been > > working on it currently to get some of the interface features for > > managing groups stuff. I have not published some of the recent work back > > to SVN yet. I doubt I will push for anything major to be released on > > until several features are enhanced and implemented. > > > > a reporting wizard needs written yet. I have been working to do some > > custom reporting to track changes and looking to do a delta and /or net > > remains view based on two reports. > > > > A number of other features to really finish it out. I will likely keep > > publishing minor changes over the course of this year before releasing a > > 2.0. > > > > I am not working to meet any timeline so get out a release that generates > > revenue so there is not true benefit to change from 1.x to 2.x naming > > anytime soon. Part of being a perfectionist. > > > > When I do hit 2.0, I am thinking to potentially give adobe flex a shot as > > it looks to have some promise and can save development time on the front > > end ( which is where all the time is spent ) > > > > Ken > > > > On Monday 26 April 2010 05:55:49 pm Daniel Didier wrote: > > > Ken, > > > I appreciate the input; We'll run with 1.9 and look forward to seeing > > > the improvements. > > > > > > I'm sure you've been asked this before, but do you feel a 2.0 will be > > > coming out soon? > > > > > > Thanks, > > > Dan > > > > > > > > > > > > From: Kenneth Kline > > > Sent: Mon 4/26/2010 5:32 PM > > > To: Inprotect Users : General questions & announcements > > > Subject: Re: [Inprotect-users] 1.9.3.002 build is on the svn > > > > > > > > > USE 1.9 > > > > > > 1.0 is not being maintained. > > > > > > 1.9 offers more table normalization, which means far more performance > > > gain and db space saving over 1.0. > > > > > > Sexier reports, more feature rich, and a number of features that was > > > not written per the 1.0 front end are now all considered per 1.9 > > > > > > Ken > > > > > > On Monday 26 April 2010 11:16:56 am Daniel Didier wrote: > > > > Kenneth, > > > > Thanks for all of your effort on this project. We are looking to > > > > deploy inprotect and wonder if you would recommend using version 1.0 > > > > or 1.9? > > > > > > > > Your input would be greatly appreciated - Dan > > > > > > > > > > > > > > > > From: Kenneth Kline > > > > Sent: Wed 3/10/2010 9:39 PM > > > > To: Inprotect Users : General questions & announcements > > > > Subject: [Inprotect-users] 1.9.3.002 build is on the svn > > > > > > > > > > > > All it is available under SVN /trunk/Inprotect/builds/ > > > > > > > > OpenVAS is supported. > > > > > > > > Need some help testing it: > > > > > > > > recommendations thus far is to disable plugins for the following > > > > under OpenVAS > > > > > > > > amap > > > > ike-scan > > > > porttranny (or such) > > > > > > > > Then things would really speed up! > > > > > > > > I have finally - published front-end pages to manage > > > > ORG/SITE/SUBNETS/ASSET LISTS/ DMZ ranges. > > > > > > > > These are still being written/optimized/debugged by me, I have a few > > > > queries turned on within the pages under Group->[LIST|Subnet|DMZ] > > > > > > > > We have been converting the excel stuff over to use phpEXCEL. I have > > > > been working in the notes / exceptions tracking in all the report > > > > formats. > > > > > > > > I redid the HTML. I am currrently still working on it to provide > > > > toggle between group by HOSTIP/SERVICE/SCRIPT id then can drill down > > > > according ( similar to the view of the Nessus Windows Client ) makes > > > > quick work of identifying keys issues. > > > > > > > > I also put code in the full pdf report to truncate it when there is > > > > more than 1500 hits. It starts showing risk from Highest to Lowest ( > > > > until it hits that count and will leave out any lower risk value when > > > > report it super big ). I felt it is better to generate a partial > > > > report and indicate truncated potentially low/infos from the report > > > > vs page time out due to report being 2+ thousand pages exhausting > > > > memory etc trying to generate. > > > > > > > > Still much to do > > > > > > > > Ken > > > > > > > > --------------------------------------------------------------------- > > > >-- -- -- --- Download Intel® Parallel Studio Eval > > > > Try the new software tools for yourself. Speed compiling, find bugs > > > > proactively, and fine-tune applications for parallel performance. > > > > See why Intel Parallel Studio got high marks during beta. > > > > http://p.sf.net/sfu/intel-sw-dev > > > > _______________________________________________ > > > > inprotect-users mailing list > > > > inp...@li... > > > > https://lists.sourceforge.net/lists/listinfo/inprotect-users > > > > > > ----------------------------------------------------------------------- > > >-- -- --- _______________________________________________ > > > inprotect-users mailing list > > > inp...@li... > > > https://lists.sourceforge.net/lists/listinfo/inprotect-users > > > > ------------------------------------------------------------------------- > >-- --- _______________________________________________ > > inprotect-users mailing list > > inp...@li... > > https://lists.sourceforge.net/lists/listinfo/inprotect-users > > --------------------------------------------------------------------------- > --- _______________________________________________ > inprotect-users mailing list > inp...@li... > https://lists.sourceforge.net/lists/listinfo/inprotect-users > --------------------------------------------------------------------------- > --- This SF.net email is sponsored by Sprint > What will you do first with EVO, the first 4G phone? > Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first > _______________________________________________ > inprotect-users mailing list > inp...@li... > https://lists.sourceforge.net/lists/listinfo/inprotect-users > ------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first _______________________________________________ inprotect-users mailing list inp...@li... https://lists.sourceforge.net/lists/listinfo/inprotect-users |
From: Kenneth K. <ken...@gm...> - 2010-07-06 23:32:12
|
Dan, 1.9.3.002 is the most recent tested build. I have been in the process of switching jobs and have not had much free time to work on trying to capture / test a new build. I do want to wrap up some key issues and get out a good build will many needed fixes, that were not in 1.9.3.002 due to lack of time. Ken On Tuesday 06 July 2010 02:21:32 pm Daniel Didier wrote: > Hello, Ken. We're just digging into this now; is your recommendation still > the same on which version to run? > > We just got the CentOS 5.5 box built and ready to install... Keep in mind, > we will use the professional feed. > > Thanks for your help, > Dan > > ________________________________________ > From: Kenneth Kline [ken...@gm...] > Sent: Wednesday, April 28, 2010 7:06 PM > To: Inprotect Users : General questions & announcements > Subject: Re: [Inprotect-users] 1.9.3.002 build is on the svn > > Dan, > > I have done most of all my work to date on Either Redhat EL5 or > CentOS 5.2+. > > >From a test perspective, I have alway built the servers up using a minimal > > install, uncheck everything per customize now ( I.E nothing selected NO GUI > ). I hate having up continually update, minimal install I can go about a > month between downtime / reboots for patches. > > Also minimal install allows me to better capture what is needed for the > App. > > RH EL5 does not get SSHD out of the box on the minimal, then have to added > the rhn / yum to get license and feed to where can use yum list/install to > get all the additional requirements met. > > Centos 5 per minimal yum is working out of the box / sshd too. Doesn't > take long to build up from there. > > per /opt/Inprotect/install/documentation/distro_notes/ look for centos > > should be fairly accurate, few new dependancies such as phpExcel > > > If interested in running Zend Server 5.3 CE instead of included > apache/php/pear/etc takes a little work easier from bare metal install as I > do. > > I have currently using Zend Server 5.3 CE for all the latest php 5.3 > functions, It takes some work research to get pear to work on it. Plus I > like to keep /usr/bin/pear /usr/bin/php available so if you go that route > will have to link to /usr/local/zend/bin/pear and php > > adding phpmyadmin /etc per RPM requires adding Sourceforge to yum repos > > I will try and document this process sometime too. > > Ken > > On Wednesday 28 April 2010 09:43:22 am Daniel Didier wrote: > > Ken, > > Thanks for the detailed response; it is greatly appreciated as is your > > development on this project. The features that you mention will be very > > valuable and we will look forward to their release. Anything you can do > > to reduce the development time would be a big plus. > > > > One last question: Do you have any recommendations for running this on a > > CentOS setup? Is there any reason not to use the latest 5.4 release? > > > > Thanks again, > > Dan > > > > > > > > From: Kenneth Kline > > Sent: Tue 4/27/2010 5:53 PM > > To: Inprotect Users : General questions & announcements > > Subject: Re: [Inprotect-users] 1.9.3.002 build is on the svn > > > > > > Dan, > > > > I wanted to push to get it out prior to new years. I have been > > working on it currently to get some of the interface features for > > managing groups stuff. I have not published some of the recent work back > > to SVN yet. I doubt I will push for anything major to be released on > > until several features are enhanced and implemented. > > > > a reporting wizard needs written yet. I have been working to do some > > custom reporting to track changes and looking to do a delta and /or net > > remains view based on two reports. > > > > A number of other features to really finish it out. I will likely keep > > publishing minor changes over the course of this year before releasing a > > 2.0. > > > > I am not working to meet any timeline so get out a release that generates > > revenue so there is not true benefit to change from 1.x to 2.x naming > > anytime soon. Part of being a perfectionist. > > > > When I do hit 2.0, I am thinking to potentially give adobe flex a shot as > > it looks to have some promise and can save development time on the front > > end ( which is where all the time is spent ) > > > > Ken > > > > On Monday 26 April 2010 05:55:49 pm Daniel Didier wrote: > > > Ken, > > > I appreciate the input; We'll run with 1.9 and look forward to seeing > > > the improvements. > > > > > > I'm sure you've been asked this before, but do you feel a 2.0 will be > > > coming out soon? > > > > > > Thanks, > > > Dan > > > > > > > > > > > > From: Kenneth Kline > > > Sent: Mon 4/26/2010 5:32 PM > > > To: Inprotect Users : General questions & announcements > > > Subject: Re: [Inprotect-users] 1.9.3.002 build is on the svn > > > > > > > > > USE 1.9 > > > > > > 1.0 is not being maintained. > > > > > > 1.9 offers more table normalization, which means far more performance > > > gain and db space saving over 1.0. > > > > > > Sexier reports, more feature rich, and a number of features that was > > > not written per the 1.0 front end are now all considered per 1.9 > > > > > > Ken > > > > > > On Monday 26 April 2010 11:16:56 am Daniel Didier wrote: > > > > Kenneth, > > > > Thanks for all of your effort on this project. We are looking to > > > > deploy inprotect and wonder if you would recommend using version 1.0 > > > > or 1.9? > > > > > > > > Your input would be greatly appreciated - Dan > > > > > > > > > > > > > > > > From: Kenneth Kline > > > > Sent: Wed 3/10/2010 9:39 PM > > > > To: Inprotect Users : General questions & announcements > > > > Subject: [Inprotect-users] 1.9.3.002 build is on the svn > > > > > > > > > > > > All it is available under SVN /trunk/Inprotect/builds/ > > > > > > > > OpenVAS is supported. > > > > > > > > Need some help testing it: > > > > > > > > recommendations thus far is to disable plugins for the following > > > > under OpenVAS > > > > > > > > amap > > > > ike-scan > > > > porttranny (or such) > > > > > > > > Then things would really speed up! > > > > > > > > I have finally - published front-end pages to manage > > > > ORG/SITE/SUBNETS/ASSET LISTS/ DMZ ranges. > > > > > > > > These are still being written/optimized/debugged by me, I have a few > > > > queries turned on within the pages under Group->[LIST|Subnet|DMZ] > > > > > > > > We have been converting the excel stuff over to use phpEXCEL. I have > > > > been working in the notes / exceptions tracking in all the report > > > > formats. > > > > > > > > I redid the HTML. I am currrently still working on it to provide > > > > toggle between group by HOSTIP/SERVICE/SCRIPT id then can drill down > > > > according ( similar to the view of the Nessus Windows Client ) makes > > > > quick work of identifying keys issues. > > > > > > > > I also put code in the full pdf report to truncate it when there is > > > > more than 1500 hits. It starts showing risk from Highest to Lowest ( > > > > until it hits that count and will leave out any lower risk value when > > > > report it super big ). I felt it is better to generate a partial > > > > report and indicate truncated potentially low/infos from the report > > > > vs page time out due to report being 2+ thousand pages exhausting > > > > memory etc trying to generate. > > > > > > > > Still much to do > > > > > > > > Ken > > > > > > > > --------------------------------------------------------------------- > > > >-- -- -- --- Download Intel® Parallel Studio Eval > > > > Try the new software tools for yourself. Speed compiling, find bugs > > > > proactively, and fine-tune applications for parallel performance. > > > > See why Intel Parallel Studio got high marks during beta. > > > > http://p.sf.net/sfu/intel-sw-dev > > > > _______________________________________________ > > > > inprotect-users mailing list > > > > inp...@li... > > > > https://lists.sourceforge.net/lists/listinfo/inprotect-users > > > > > > ----------------------------------------------------------------------- > > >-- -- --- _______________________________________________ > > > inprotect-users mailing list > > > inp...@li... > > > https://lists.sourceforge.net/lists/listinfo/inprotect-users > > > > ------------------------------------------------------------------------- > >-- --- _______________________________________________ > > inprotect-users mailing list > > inp...@li... > > https://lists.sourceforge.net/lists/listinfo/inprotect-users > > --------------------------------------------------------------------------- > --- _______________________________________________ > inprotect-users mailing list > inp...@li... > https://lists.sourceforge.net/lists/listinfo/inprotect-users > --------------------------------------------------------------------------- > --- This SF.net email is sponsored by Sprint > What will you do first with EVO, the first 4G phone? > Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first > _______________________________________________ > inprotect-users mailing list > inp...@li... > https://lists.sourceforge.net/lists/listinfo/inprotect-users > |
From: Daniel D. <dd...@ma...> - 2010-07-06 18:41:34
|
Hello, Ken. We're just digging into this now; is your recommendation still the same on which version to run? We just got the CentOS 5.5 box built and ready to install... Keep in mind, we will use the professional feed. Thanks for your help, Dan ________________________________________ From: Kenneth Kline [ken...@gm...] Sent: Wednesday, April 28, 2010 7:06 PM To: Inprotect Users : General questions & announcements Subject: Re: [Inprotect-users] 1.9.3.002 build is on the svn Dan, I have done most of all my work to date on Either Redhat EL5 or CentOS 5.2+. >From a test perspective, I have alway built the servers up using a minimal install, uncheck everything per customize now ( I.E nothing selected NO GUI ). I hate having up continually update, minimal install I can go about a month between downtime / reboots for patches. Also minimal install allows me to better capture what is needed for the App. RH EL5 does not get SSHD out of the box on the minimal, then have to added the rhn / yum to get license and feed to where can use yum list/install to get all the additional requirements met. Centos 5 per minimal yum is working out of the box / sshd too. Doesn't take long to build up from there. per /opt/Inprotect/install/documentation/distro_notes/ look for centos should be fairly accurate, few new dependancies such as phpExcel If interested in running Zend Server 5.3 CE instead of included apache/php/pear/etc takes a little work easier from bare metal install as I do. I have currently using Zend Server 5.3 CE for all the latest php 5.3 functions, It takes some work research to get pear to work on it. Plus I like to keep /usr/bin/pear /usr/bin/php available so if you go that route will have to link to /usr/local/zend/bin/pear and php adding phpmyadmin /etc per RPM requires adding Sourceforge to yum repos I will try and document this process sometime too. Ken On Wednesday 28 April 2010 09:43:22 am Daniel Didier wrote: > Ken, > Thanks for the detailed response; it is greatly appreciated as is your > development on this project. The features that you mention will be very > valuable and we will look forward to their release. Anything you can do > to reduce the development time would be a big plus. > > One last question: Do you have any recommendations for running this on a > CentOS setup? Is there any reason not to use the latest 5.4 release? > > Thanks again, > Dan > > > > From: Kenneth Kline > Sent: Tue 4/27/2010 5:53 PM > To: Inprotect Users : General questions & announcements > Subject: Re: [Inprotect-users] 1.9.3.002 build is on the svn > > > Dan, > > I wanted to push to get it out prior to new years. I have been working on > it currently to get some of the interface features for managing groups > stuff. I have not published some of the recent work back to SVN yet. I > doubt I will push for anything major to be released on until several > features are enhanced and implemented. > > a reporting wizard needs written yet. I have been working to do some > custom reporting to track changes and looking to do a delta and /or net > remains view based on two reports. > > A number of other features to really finish it out. I will likely keep > publishing minor changes over the course of this year before releasing a > 2.0. > > I am not working to meet any timeline so get out a release that generates > revenue so there is not true benefit to change from 1.x to 2.x naming > anytime soon. Part of being a perfectionist. > > When I do hit 2.0, I am thinking to potentially give adobe flex a shot as > it looks to have some promise and can save development time on the front > end ( which is where all the time is spent ) > > Ken > > On Monday 26 April 2010 05:55:49 pm Daniel Didier wrote: > > Ken, > > I appreciate the input; We'll run with 1.9 and look forward to seeing the > > improvements. > > > > I'm sure you've been asked this before, but do you feel a 2.0 will be > > coming out soon? > > > > Thanks, > > Dan > > > > > > > > From: Kenneth Kline > > Sent: Mon 4/26/2010 5:32 PM > > To: Inprotect Users : General questions & announcements > > Subject: Re: [Inprotect-users] 1.9.3.002 build is on the svn > > > > > > USE 1.9 > > > > 1.0 is not being maintained. > > > > 1.9 offers more table normalization, which means far more performance > > gain and db space saving over 1.0. > > > > Sexier reports, more feature rich, and a number of features that was not > > written per the 1.0 front end are now all considered per 1.9 > > > > Ken > > > > On Monday 26 April 2010 11:16:56 am Daniel Didier wrote: > > > Kenneth, > > > Thanks for all of your effort on this project. We are looking to > > > deploy inprotect and wonder if you would recommend using version 1.0 or > > > 1.9? > > > > > > Your input would be greatly appreciated - Dan > > > > > > > > > > > > From: Kenneth Kline > > > Sent: Wed 3/10/2010 9:39 PM > > > To: Inprotect Users : General questions & announcements > > > Subject: [Inprotect-users] 1.9.3.002 build is on the svn > > > > > > > > > All it is available under SVN /trunk/Inprotect/builds/ > > > > > > OpenVAS is supported. > > > > > > Need some help testing it: > > > > > > recommendations thus far is to disable plugins for the following under > > > OpenVAS > > > > > > amap > > > ike-scan > > > porttranny (or such) > > > > > > Then things would really speed up! > > > > > > I have finally - published front-end pages to manage > > > ORG/SITE/SUBNETS/ASSET LISTS/ DMZ ranges. > > > > > > These are still being written/optimized/debugged by me, I have a few > > > queries turned on within the pages under Group->[LIST|Subnet|DMZ] > > > > > > We have been converting the excel stuff over to use phpEXCEL. I have > > > been working in the notes / exceptions tracking in all the report > > > formats. > > > > > > I redid the HTML. I am currrently still working on it to provide > > > toggle between group by HOSTIP/SERVICE/SCRIPT id then can drill down > > > according ( similar to the view of the Nessus Windows Client ) makes > > > quick work of identifying keys issues. > > > > > > I also put code in the full pdf report to truncate it when there is > > > more than 1500 hits. It starts showing risk from Highest to Lowest ( > > > until it hits that count and will leave out any lower risk value when > > > report it super big ). I felt it is better to generate a partial > > > report and indicate truncated potentially low/infos from the report vs > > > page time out due to report being 2+ thousand pages exhausting memory > > > etc trying to generate. > > > > > > Still much to do > > > > > > Ken > > > > > > ----------------------------------------------------------------------- > > >-- -- --- Download Intel® Parallel Studio Eval > > > Try the new software tools for yourself. Speed compiling, find bugs > > > proactively, and fine-tune applications for parallel performance. > > > See why Intel Parallel Studio got high marks during beta. > > > http://p.sf.net/sfu/intel-sw-dev > > > _______________________________________________ > > > inprotect-users mailing list > > > inp...@li... > > > https://lists.sourceforge.net/lists/listinfo/inprotect-users > > > > ------------------------------------------------------------------------- > >-- --- _______________________________________________ > > inprotect-users mailing list > > inp...@li... > > https://lists.sourceforge.net/lists/listinfo/inprotect-users > > --------------------------------------------------------------------------- > --- _______________________________________________ > inprotect-users mailing list > inp...@li... > https://lists.sourceforge.net/lists/listinfo/inprotect-users > ------------------------------------------------------------------------------ _______________________________________________ inprotect-users mailing list inp...@li... https://lists.sourceforge.net/lists/listinfo/inprotect-users |
From: Isac B. <pi...@ya...> - 2010-06-17 20:27:59
|
Upon creating a new user the admin.php sends an email to that user with a predefined ppt, SOCSCAN_Training.ppt. While this file did not exist on my build, when I upload a custom doc and change the name accordingly the document is delivered to the user with no data. Have tried several formats, ppt, pdf, txt, and the user always gets an empty file. I'm not familiar with the PDFMail functionality and not even sure what would be causing this.Is this a known issue?Or did I miss something in my config? Thanks I.B. "top posting cause yahoo makes me..." |
From: Isac B. <pi...@ya...> - 2010-06-16 14:23:41
|
Kenneth, Thanks, I stumbled upon that same post this morning. The my.cnf is pointing to the correct location. Attempts to force the location via adodb in config.php failed. Everything else I found was pointing to the use of a symlink. While I don't exactly like it, the symlink got things working. ln -s /var/lib/mysql/mysql.sock /tmp/mysql.sock FYI, This is on a RHEL5 box, did not have to do this on my test box which is Fedora 12. I should really test and run on the same platform ; ) Thanks again. I.B. "top posting cause yahoo makes me..." --- On Tue, 6/15/10, Kenneth Kline <ken...@gm...> wrote: > From: Kenneth Kline <ken...@gm...> > Subject: Re: [Inprotect-users] SQL cannot connect > To: "Inprotect Users : General questions & announcements" <inp...@li...> > Date: Tuesday, June 15, 2010, 6:21 PM > On Tuesday 15 June 2010 01:28:12 pm > Isac Balder wrote: > > Installed 1.93 and when attempting to view the web > interface getting a sql > > error. mysql://inprotect:@localhost/inprotect3 > failed to connectCan't > > connect to local MySQL server through socket > '/tmp/mysql.sock' (2) > > > > Any thoughts? > > I.B. > > > > > > > > "top posting cause yahoo makes me..." > > > > > It appears to be a problem with the install location of the > mysql database and > where the system is trying to find the /mysql.sock fille > > In my one install version I allowed it to be specified as I > had to install > mysql /var/lib/mysql to a non-standar location as my ./var > partition was not > big enough. > > check the following article may help > > http://www.tech-recipes.com/rx/762/solve-cant-connect-to-local-mysql-server- > through-socket-tmpmysqlsock/ > > review /etc/my.cnf to see where the socket is specified and > see where it is > really at. > > also check the command line usage and test connectivity > > mysql -u inprotect -p inprotect3 > enter password > then at prompt > > > >show tables; > >exit; > > as a test > > ------------------------------------------------------------------------------ > ThinkGeek and WIRED's GeekDad team up for the Ultimate > GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the > lucky parental unit. See the prize list and enter to > win: > http://p.sf.net/sfu/thinkgeek-promo > _______________________________________________ > inprotect-users mailing list > inp...@li... > https://lists.sourceforge.net/lists/listinfo/inprotect-users > |
From: Kenneth K. <ken...@gm...> - 2010-06-15 21:59:34
|
On Tuesday 15 June 2010 01:28:12 pm Isac Balder wrote: > Installed 1.93 and when attempting to view the web interface getting a sql > error. mysql://inprotect:@localhost/inprotect3 failed to connectCan't > connect to local MySQL server through socket '/tmp/mysql.sock' (2) > > Any thoughts? > I.B. > > > > "top posting cause yahoo makes me..." > It appears to be a problem with the install location of the mysql database and where the system is trying to find the /mysql.sock fille In my one install version I allowed it to be specified as I had to install mysql /var/lib/mysql to a non-standar location as my ./var partition was not big enough. check the following article may help http://www.tech-recipes.com/rx/762/solve-cant-connect-to-local-mysql-server- through-socket-tmpmysqlsock/ review /etc/my.cnf to see where the socket is specified and see where it is really at. also check the command line usage and test connectivity mysql -u inprotect -p inprotect3 enter password then at prompt > >show tables; >exit; as a test |
From: Isac B. <pi...@ya...> - 2010-06-15 17:28:20
|
Installed 1.93 and when attempting to view the web interface getting a sql error. mysql://inprotect:@localhost/inprotect3 failed to connectCan't connect to local MySQL server through socket '/tmp/mysql.sock' (2) Any thoughts? I.B. "top posting cause yahoo makes me..." |
From: Kenneth K. <ken...@gm...> - 2010-05-12 22:42:57
|
On Wednesday 12 May 2010 11:47:35 am Hai...@in... wrote: > I could not get Inprotect to run. It can't detect nessus (4.2 professional > feed) so the servers status are always UNKNOWN. Try to manually > run /opt/Inprotect/sbin/nessusCron.pl -s >> error showed the flag -s is > unknown. What is -s flag from the crontab? > > ***************************************************************** > <<<Disclaimer>>> > > In compliance with applicable rules and regulations, Instinet > reviews and archives incoming and outgoing email communications, > copies of which may be produced at the request of regulators. > This message is intended only for the personal and confidential > use of the recipients named above. If the reader of this email > is not the intended recipient, you have received this email in > error and any review, dissemination, distribution or copying is > strictly prohibited. If you have received this email in error, > please notify the sender immediately by return email and > permanently delete the copy you received. > > Instinet accepts no liability for any content contained in the > email, or any errors or omissions arising as a result of email > transmission. Any opinions contained in this email constitute > the sender's best judgment at this time and are subject to change > without notice. Instinet does not make recommendations of a > particular security and the information contained in this email > should not be considered as a recommendation, an offer or a > solicitation of an offer to buy and sell securities. > > ***************************************************************** > depending on the version 1.93 I got rid of -c -s switches and combined ./nessusCron.pl run will show syntax one version had not updated the crontab entries should be /opt/Inprotect/sbin/nessusCron.pl -m client -c should be -m client -s should be -m scanlite I tend to use client mode on the newer nessus versions client mode is that the scan is performed by the "nessus client" scanlite mode uses the scanlite perl modules. I have worked around some changes to the protocol, per 4.2, though I never had the time, knowlege to reverse identify how to upload the compliance audit files, etc. Whenever compliance audits are run the client is force to be used. Best case with pro feed use the client switch -m client per 1.0 nessus the -s switch does not work if scan lite is missing Though I think the installer script was still using crontab per 1.0 Ken |
From: Hai.Nguyen@Instinet.com - 2010-05-12 15:47:42
|
I could not get Inprotect to run. It can't detect nessus (4.2 professional feed) so the servers status are always UNKNOWN. Try to manually run /opt/Inprotect/sbin/nessusCron.pl -s >> error showed the flag -s is unknown. What is -s flag from the crontab? ***************************************************************** <<<Disclaimer>>> In compliance with applicable rules and regulations, Instinet reviews and archives incoming and outgoing email communications, copies of which may be produced at the request of regulators. This message is intended only for the personal and confidential use of the recipients named above. If the reader of this email is not the intended recipient, you have received this email in error and any review, dissemination, distribution or copying is strictly prohibited. If you have received this email in error, please notify the sender immediately by return email and permanently delete the copy you received. Instinet accepts no liability for any content contained in the email, or any errors or omissions arising as a result of email transmission. Any opinions contained in this email constitute the sender's best judgment at this time and are subject to change without notice. Instinet does not make recommendations of a particular security and the information contained in this email should not be considered as a recommendation, an offer or a solicitation of an offer to buy and sell securities. ***************************************************************** |
From: Kenneth K. <ken...@gm...> - 2010-05-01 00:56:51
|
On Friday 30 April 2010 06:02:05 pm Isac Balder wrote: > gs and would like to avoid the manual entry if possible. > No, currently there is not, but sounds like a good idea. I will try to whip something up near future, If I can't get to it before Monday evening, will be after Friday 7th as I am going to training for 4 days. I will try to write a basic script to allow import as a client run app. I will code it to require minimally the following switches import_nessusrc.pl -f /somepath/oracle.nessusrc -o Admin -a G -n "Oracle Checks" -t NESSUS -f Filename -o Owner -a Access Personal|ORG|Global -n Policy Name -t NESSUS|various compliance checks ( though should always be nessus. I may add the functionality into the import audit files code. I will update when I can get to it. Won't take too long to put together. I already have code that does most of that per the update_plugins etc. Ken |
From: Isac B. <pi...@ya...> - 2010-04-30 22:02:13
|
I don't recall seeing this off the top of my head. Rather than using the web gui and going through all the check boxes and fields to configure a scan policy is there a script in the system that will parse a .nessusrc file and dump it into the database for me? Have several pre-built configs and would like to avoid the manual entry if possible. I.B. "top posting cause yahoo makes me..." |
From: Kenneth K. <ken...@gm...> - 2010-04-28 22:52:27
|
Dan, I have done most of all my work to date on Either Redhat EL5 or CentOS 5.2+. From a test perspective, I have alway built the servers up using a minimal install, uncheck everything per customize now ( I.E nothing selected NO GUI ). I hate having up continually update, minimal install I can go about a month between downtime / reboots for patches. Also minimal install allows me to better capture what is needed for the App. RH EL5 does not get SSHD out of the box on the minimal, then have to added the rhn / yum to get license and feed to where can use yum list/install to get all the additional requirements met. Centos 5 per minimal yum is working out of the box / sshd too. Doesn't take long to build up from there. per /opt/Inprotect/install/documentation/distro_notes/ look for centos should be fairly accurate, few new dependancies such as phpExcel If interested in running Zend Server 5.3 CE instead of included apache/php/pear/etc takes a little work easier from bare metal install as I do. I have currently using Zend Server 5.3 CE for all the latest php 5.3 functions, It takes some work research to get pear to work on it. Plus I like to keep /usr/bin/pear /usr/bin/php available so if you go that route will have to link to /usr/local/zend/bin/pear and php adding phpmyadmin /etc per RPM requires adding Sourceforge to yum repos I will try and document this process sometime too. Ken On Wednesday 28 April 2010 09:43:22 am Daniel Didier wrote: > Ken, > Thanks for the detailed response; it is greatly appreciated as is your > development on this project. The features that you mention will be very > valuable and we will look forward to their release. Anything you can do > to reduce the development time would be a big plus. > > One last question: Do you have any recommendations for running this on a > CentOS setup? Is there any reason not to use the latest 5.4 release? > > Thanks again, > Dan > > > > From: Kenneth Kline > Sent: Tue 4/27/2010 5:53 PM > To: Inprotect Users : General questions & announcements > Subject: Re: [Inprotect-users] 1.9.3.002 build is on the svn > > > Dan, > > I wanted to push to get it out prior to new years. I have been working on > it currently to get some of the interface features for managing groups > stuff. I have not published some of the recent work back to SVN yet. I > doubt I will push for anything major to be released on until several > features are enhanced and implemented. > > a reporting wizard needs written yet. I have been working to do some > custom reporting to track changes and looking to do a delta and /or net > remains view based on two reports. > > A number of other features to really finish it out. I will likely keep > publishing minor changes over the course of this year before releasing a > 2.0. > > I am not working to meet any timeline so get out a release that generates > revenue so there is not true benefit to change from 1.x to 2.x naming > anytime soon. Part of being a perfectionist. > > When I do hit 2.0, I am thinking to potentially give adobe flex a shot as > it looks to have some promise and can save development time on the front > end ( which is where all the time is spent ) > > Ken > > On Monday 26 April 2010 05:55:49 pm Daniel Didier wrote: > > Ken, > > I appreciate the input; We'll run with 1.9 and look forward to seeing the > > improvements. > > > > I'm sure you've been asked this before, but do you feel a 2.0 will be > > coming out soon? > > > > Thanks, > > Dan > > > > > > > > From: Kenneth Kline > > Sent: Mon 4/26/2010 5:32 PM > > To: Inprotect Users : General questions & announcements > > Subject: Re: [Inprotect-users] 1.9.3.002 build is on the svn > > > > > > USE 1.9 > > > > 1.0 is not being maintained. > > > > 1.9 offers more table normalization, which means far more performance > > gain and db space saving over 1.0. > > > > Sexier reports, more feature rich, and a number of features that was not > > written per the 1.0 front end are now all considered per 1.9 > > > > Ken > > > > On Monday 26 April 2010 11:16:56 am Daniel Didier wrote: > > > Kenneth, > > > Thanks for all of your effort on this project. We are looking to > > > deploy inprotect and wonder if you would recommend using version 1.0 or > > > 1.9? > > > > > > Your input would be greatly appreciated - Dan > > > > > > > > > > > > From: Kenneth Kline > > > Sent: Wed 3/10/2010 9:39 PM > > > To: Inprotect Users : General questions & announcements > > > Subject: [Inprotect-users] 1.9.3.002 build is on the svn > > > > > > > > > All it is available under SVN /trunk/Inprotect/builds/ > > > > > > OpenVAS is supported. > > > > > > Need some help testing it: > > > > > > recommendations thus far is to disable plugins for the following under > > > OpenVAS > > > > > > amap > > > ike-scan > > > porttranny (or such) > > > > > > Then things would really speed up! > > > > > > I have finally - published front-end pages to manage > > > ORG/SITE/SUBNETS/ASSET LISTS/ DMZ ranges. > > > > > > These are still being written/optimized/debugged by me, I have a few > > > queries turned on within the pages under Group->[LIST|Subnet|DMZ] > > > > > > We have been converting the excel stuff over to use phpEXCEL. I have > > > been working in the notes / exceptions tracking in all the report > > > formats. > > > > > > I redid the HTML. I am currrently still working on it to provide > > > toggle between group by HOSTIP/SERVICE/SCRIPT id then can drill down > > > according ( similar to the view of the Nessus Windows Client ) makes > > > quick work of identifying keys issues. > > > > > > I also put code in the full pdf report to truncate it when there is > > > more than 1500 hits. It starts showing risk from Highest to Lowest ( > > > until it hits that count and will leave out any lower risk value when > > > report it super big ). I felt it is better to generate a partial > > > report and indicate truncated potentially low/infos from the report vs > > > page time out due to report being 2+ thousand pages exhausting memory > > > etc trying to generate. > > > > > > Still much to do > > > > > > Ken > > > > > > ----------------------------------------------------------------------- > > >-- -- --- Download Intel® Parallel Studio Eval > > > Try the new software tools for yourself. Speed compiling, find bugs > > > proactively, and fine-tune applications for parallel performance. > > > See why Intel Parallel Studio got high marks during beta. > > > http://p.sf.net/sfu/intel-sw-dev > > > _______________________________________________ > > > inprotect-users mailing list > > > inp...@li... > > > https://lists.sourceforge.net/lists/listinfo/inprotect-users > > > > ------------------------------------------------------------------------- > >-- --- _______________________________________________ > > inprotect-users mailing list > > inp...@li... > > https://lists.sourceforge.net/lists/listinfo/inprotect-users > > --------------------------------------------------------------------------- > --- _______________________________________________ > inprotect-users mailing list > inp...@li... > https://lists.sourceforge.net/lists/listinfo/inprotect-users > |
From: Daniel D. <dd...@ma...> - 2010-04-28 13:42:56
|
Ken, Thanks for the detailed response; it is greatly appreciated as is your development on this project. The features that you mention will be very valuable and we will look forward to their release. Anything you can do to reduce the development time would be a big plus. One last question: Do you have any recommendations for running this on a CentOS setup? Is there any reason not to use the latest 5.4 release? Thanks again, Dan From: Kenneth Kline Sent: Tue 4/27/2010 5:53 PM To: Inprotect Users : General questions & announcements Subject: Re: [Inprotect-users] 1.9.3.002 build is on the svn Dan, I wanted to push to get it out prior to new years. I have been working on it currently to get some of the interface features for managing groups stuff. I have not published some of the recent work back to SVN yet. I doubt I will push for anything major to be released on until several features are enhanced and implemented. a reporting wizard needs written yet. I have been working to do some custom reporting to track changes and looking to do a delta and /or net remains view based on two reports. A number of other features to really finish it out. I will likely keep publishing minor changes over the course of this year before releasing a 2.0. I am not working to meet any timeline so get out a release that generates revenue so there is not true benefit to change from 1.x to 2.x naming anytime soon. Part of being a perfectionist. When I do hit 2.0, I am thinking to potentially give adobe flex a shot as it looks to have some promise and can save development time on the front end ( which is where all the time is spent ) Ken On Monday 26 April 2010 05:55:49 pm Daniel Didier wrote: > Ken, > I appreciate the input; We'll run with 1.9 and look forward to seeing the > improvements. > > I'm sure you've been asked this before, but do you feel a 2.0 will be > coming out soon? > > Thanks, > Dan > > > > From: Kenneth Kline > Sent: Mon 4/26/2010 5:32 PM > To: Inprotect Users : General questions & announcements > Subject: Re: [Inprotect-users] 1.9.3.002 build is on the svn > > > USE 1.9 > > 1.0 is not being maintained. > > 1.9 offers more table normalization, which means far more performance gain > and db space saving over 1.0. > > Sexier reports, more feature rich, and a number of features that was not > written per the 1.0 front end are now all considered per 1.9 > > Ken > > On Monday 26 April 2010 11:16:56 am Daniel Didier wrote: > > Kenneth, > > Thanks for all of your effort on this project. We are looking to deploy > > inprotect and wonder if you would recommend using version 1.0 or 1.9? > > > > Your input would be greatly appreciated - Dan > > > > > > > > From: Kenneth Kline > > Sent: Wed 3/10/2010 9:39 PM > > To: Inprotect Users : General questions & announcements > > Subject: [Inprotect-users] 1.9.3.002 build is on the svn > > > > > > All it is available under SVN /trunk/Inprotect/builds/ > > > > OpenVAS is supported. > > > > Need some help testing it: > > > > recommendations thus far is to disable plugins for the following under > > OpenVAS > > > > amap > > ike-scan > > porttranny (or such) > > > > Then things would really speed up! > > > > I have finally - published front-end pages to manage > > ORG/SITE/SUBNETS/ASSET LISTS/ DMZ ranges. > > > > These are still being written/optimized/debugged by me, I have a few > > queries turned on within the pages under Group->[LIST|Subnet|DMZ] > > > > We have been converting the excel stuff over to use phpEXCEL. I have > > been working in the notes / exceptions tracking in all the report > > formats. > > > > I redid the HTML. I am currrently still working on it to provide toggle > > between group by HOSTIP/SERVICE/SCRIPT id then can drill down according ( > > similar to the view of the Nessus Windows Client ) makes quick work of > > identifying keys issues. > > > > I also put code in the full pdf report to truncate it when there is more > > than 1500 hits. It starts showing risk from Highest to Lowest ( until > > it hits that count and will leave out any lower risk value when report it > > super big ). I felt it is better to generate a partial report and > > indicate truncated potentially low/infos from the report vs page time out > > due to report being 2+ thousand pages exhausting memory etc trying to > > generate. > > > > Still much to do > > > > Ken > > > > ------------------------------------------------------------------------- > >-- --- Download Intel® Parallel Studio Eval > > Try the new software tools for yourself. Speed compiling, find bugs > > proactively, and fine-tune applications for parallel performance. > > See why Intel Parallel Studio got high marks during beta. > > http://p.sf.net/sfu/intel-sw-dev > > _______________________________________________ > > inprotect-users mailing list > > inp...@li... > > https://lists.sourceforge.net/lists/listinfo/inprotect-users > > --------------------------------------------------------------------------- > --- _______________________________________________ > inprotect-users mailing list > inp...@li... > https://lists.sourceforge.net/lists/listinfo/inprotect-users > ------------------------------------------------------------------------------ _______________________________________________ inprotect-users mailing list inp...@li... https://lists.sourceforge.net/lists/listinfo/inprotect-users |
From: Kenneth K. <ken...@gm...> - 2010-04-27 21:39:04
|
Dan, I wanted to push to get it out prior to new years. I have been working on it currently to get some of the interface features for managing groups stuff. I have not published some of the recent work back to SVN yet. I doubt I will push for anything major to be released on until several features are enhanced and implemented. a reporting wizard needs written yet. I have been working to do some custom reporting to track changes and looking to do a delta and /or net remains view based on two reports. A number of other features to really finish it out. I will likely keep publishing minor changes over the course of this year before releasing a 2.0. I am not working to meet any timeline so get out a release that generates revenue so there is not true benefit to change from 1.x to 2.x naming anytime soon. Part of being a perfectionist. When I do hit 2.0, I am thinking to potentially give adobe flex a shot as it looks to have some promise and can save development time on the front end ( which is where all the time is spent ) Ken On Monday 26 April 2010 05:55:49 pm Daniel Didier wrote: > Ken, > I appreciate the input; We'll run with 1.9 and look forward to seeing the > improvements. > > I'm sure you've been asked this before, but do you feel a 2.0 will be > coming out soon? > > Thanks, > Dan > > > > From: Kenneth Kline > Sent: Mon 4/26/2010 5:32 PM > To: Inprotect Users : General questions & announcements > Subject: Re: [Inprotect-users] 1.9.3.002 build is on the svn > > > USE 1.9 > > 1.0 is not being maintained. > > 1.9 offers more table normalization, which means far more performance gain > and db space saving over 1.0. > > Sexier reports, more feature rich, and a number of features that was not > written per the 1.0 front end are now all considered per 1.9 > > Ken > > On Monday 26 April 2010 11:16:56 am Daniel Didier wrote: > > Kenneth, > > Thanks for all of your effort on this project. We are looking to deploy > > inprotect and wonder if you would recommend using version 1.0 or 1.9? > > > > Your input would be greatly appreciated - Dan > > > > > > > > From: Kenneth Kline > > Sent: Wed 3/10/2010 9:39 PM > > To: Inprotect Users : General questions & announcements > > Subject: [Inprotect-users] 1.9.3.002 build is on the svn > > > > > > All it is available under SVN /trunk/Inprotect/builds/ > > > > OpenVAS is supported. > > > > Need some help testing it: > > > > recommendations thus far is to disable plugins for the following under > > OpenVAS > > > > amap > > ike-scan > > porttranny (or such) > > > > Then things would really speed up! > > > > I have finally - published front-end pages to manage > > ORG/SITE/SUBNETS/ASSET LISTS/ DMZ ranges. > > > > These are still being written/optimized/debugged by me, I have a few > > queries turned on within the pages under Group->[LIST|Subnet|DMZ] > > > > We have been converting the excel stuff over to use phpEXCEL. I have > > been working in the notes / exceptions tracking in all the report > > formats. > > > > I redid the HTML. I am currrently still working on it to provide toggle > > between group by HOSTIP/SERVICE/SCRIPT id then can drill down according ( > > similar to the view of the Nessus Windows Client ) makes quick work of > > identifying keys issues. > > > > I also put code in the full pdf report to truncate it when there is more > > than 1500 hits. It starts showing risk from Highest to Lowest ( until > > it hits that count and will leave out any lower risk value when report it > > super big ). I felt it is better to generate a partial report and > > indicate truncated potentially low/infos from the report vs page time out > > due to report being 2+ thousand pages exhausting memory etc trying to > > generate. > > > > Still much to do > > > > Ken > > > > ------------------------------------------------------------------------- > >-- --- Download Intel® Parallel Studio Eval > > Try the new software tools for yourself. Speed compiling, find bugs > > proactively, and fine-tune applications for parallel performance. > > See why Intel Parallel Studio got high marks during beta. > > http://p.sf.net/sfu/intel-sw-dev > > _______________________________________________ > > inprotect-users mailing list > > inp...@li... > > https://lists.sourceforge.net/lists/listinfo/inprotect-users > > --------------------------------------------------------------------------- > --- _______________________________________________ > inprotect-users mailing list > inp...@li... > https://lists.sourceforge.net/lists/listinfo/inprotect-users > |
From: Daniel D. <dd...@ma...> - 2010-04-26 21:55:25
|
Ken, I appreciate the input; We'll run with 1.9 and look forward to seeing the improvements. I'm sure you've been asked this before, but do you feel a 2.0 will be coming out soon? Thanks, Dan From: Kenneth Kline Sent: Mon 4/26/2010 5:32 PM To: Inprotect Users : General questions & announcements Subject: Re: [Inprotect-users] 1.9.3.002 build is on the svn USE 1.9 1.0 is not being maintained. 1.9 offers more table normalization, which means far more performance gain and db space saving over 1.0. Sexier reports, more feature rich, and a number of features that was not written per the 1.0 front end are now all considered per 1.9 Ken On Monday 26 April 2010 11:16:56 am Daniel Didier wrote: > Kenneth, > Thanks for all of your effort on this project. We are looking to deploy > inprotect and wonder if you would recommend using version 1.0 or 1.9? > > Your input would be greatly appreciated - Dan > > > > From: Kenneth Kline > Sent: Wed 3/10/2010 9:39 PM > To: Inprotect Users : General questions & announcements > Subject: [Inprotect-users] 1.9.3.002 build is on the svn > > > All it is available under SVN /trunk/Inprotect/builds/ > > OpenVAS is supported. > > Need some help testing it: > > recommendations thus far is to disable plugins for the following under > OpenVAS > > amap > ike-scan > porttranny (or such) > > Then things would really speed up! > > I have finally - published front-end pages to manage ORG/SITE/SUBNETS/ASSET > LISTS/ DMZ ranges. > > These are still being written/optimized/debugged by me, I have a few > queries turned on within the pages under Group->[LIST|Subnet|DMZ] > > We have been converting the excel stuff over to use phpEXCEL. I have been > working in the notes / exceptions tracking in all the report formats. > > I redid the HTML. I am currrently still working on it to provide toggle > between group by HOSTIP/SERVICE/SCRIPT id then can drill down according ( > similar to the view of the Nessus Windows Client ) makes quick work of > identifying keys issues. > > I also put code in the full pdf report to truncate it when there is more > than 1500 hits. It starts showing risk from Highest to Lowest ( until it > hits that count and will leave out any lower risk value when report it > super big ). I felt it is better to generate a partial report and > indicate truncated potentially low/infos from the report vs page time out > due to report being 2+ thousand pages exhausting memory etc trying to > generate. > > Still much to do > > Ken > > --------------------------------------------------------------------------- > --- Download Intel® Parallel Studio Eval > Try the new software tools for yourself. Speed compiling, find bugs > proactively, and fine-tune applications for parallel performance. > See why Intel Parallel Studio got high marks during beta. > http://p.sf.net/sfu/intel-sw-dev > _______________________________________________ > inprotect-users mailing list > inp...@li... > https://lists.sourceforge.net/lists/listinfo/inprotect-users > ------------------------------------------------------------------------------ _______________________________________________ inprotect-users mailing list inp...@li... https://lists.sourceforge.net/lists/listinfo/inprotect-users |
From: Kenneth K. <ken...@gm...> - 2010-04-26 21:18:01
|
USE 1.9 1.0 is not being maintained. 1.9 offers more table normalization, which means far more performance gain and db space saving over 1.0. Sexier reports, more feature rich, and a number of features that was not written per the 1.0 front end are now all considered per 1.9 Ken On Monday 26 April 2010 11:16:56 am Daniel Didier wrote: > Kenneth, > Thanks for all of your effort on this project. We are looking to deploy > inprotect and wonder if you would recommend using version 1.0 or 1.9? > > Your input would be greatly appreciated - Dan > > > > From: Kenneth Kline > Sent: Wed 3/10/2010 9:39 PM > To: Inprotect Users : General questions & announcements > Subject: [Inprotect-users] 1.9.3.002 build is on the svn > > > All it is available under SVN /trunk/Inprotect/builds/ > > OpenVAS is supported. > > Need some help testing it: > > recommendations thus far is to disable plugins for the following under > OpenVAS > > amap > ike-scan > porttranny (or such) > > Then things would really speed up! > > I have finally - published front-end pages to manage ORG/SITE/SUBNETS/ASSET > LISTS/ DMZ ranges. > > These are still being written/optimized/debugged by me, I have a few > queries turned on within the pages under Group->[LIST|Subnet|DMZ] > > We have been converting the excel stuff over to use phpEXCEL. I have been > working in the notes / exceptions tracking in all the report formats. > > I redid the HTML. I am currrently still working on it to provide toggle > between group by HOSTIP/SERVICE/SCRIPT id then can drill down according ( > similar to the view of the Nessus Windows Client ) makes quick work of > identifying keys issues. > > I also put code in the full pdf report to truncate it when there is more > than 1500 hits. It starts showing risk from Highest to Lowest ( until it > hits that count and will leave out any lower risk value when report it > super big ). I felt it is better to generate a partial report and > indicate truncated potentially low/infos from the report vs page time out > due to report being 2+ thousand pages exhausting memory etc trying to > generate. > > Still much to do > > Ken > > --------------------------------------------------------------------------- > --- Download Intel® Parallel Studio Eval > Try the new software tools for yourself. Speed compiling, find bugs > proactively, and fine-tune applications for parallel performance. > See why Intel Parallel Studio got high marks during beta. > http://p.sf.net/sfu/intel-sw-dev > _______________________________________________ > inprotect-users mailing list > inp...@li... > https://lists.sourceforge.net/lists/listinfo/inprotect-users > |
From: Daniel D. <dd...@ma...> - 2010-04-26 15:33:54
|
Kenneth, Thanks for all of your effort on this project. We are looking to deploy inprotect and wonder if you would recommend using version 1.0 or 1.9? Your input would be greatly appreciated - Dan From: Kenneth Kline Sent: Wed 3/10/2010 9:39 PM To: Inprotect Users : General questions & announcements Subject: [Inprotect-users] 1.9.3.002 build is on the svn All it is available under SVN /trunk/Inprotect/builds/ OpenVAS is supported. Need some help testing it: recommendations thus far is to disable plugins for the following under OpenVAS amap ike-scan porttranny (or such) Then things would really speed up! I have finally - published front-end pages to manage ORG/SITE/SUBNETS/ASSET LISTS/ DMZ ranges. These are still being written/optimized/debugged by me, I have a few queries turned on within the pages under Group->[LIST|Subnet|DMZ] We have been converting the excel stuff over to use phpEXCEL. I have been working in the notes / exceptions tracking in all the report formats. I redid the HTML. I am currrently still working on it to provide toggle between group by HOSTIP/SERVICE/SCRIPT id then can drill down according ( similar to the view of the Nessus Windows Client ) makes quick work of identifying keys issues. I also put code in the full pdf report to truncate it when there is more than 1500 hits. It starts showing risk from Highest to Lowest ( until it hits that count and will leave out any lower risk value when report it super big ). I felt it is better to generate a partial report and indicate truncated potentially low/infos from the report vs page time out due to report being 2+ thousand pages exhausting memory etc trying to generate. Still much to do Ken ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ inprotect-users mailing list inp...@li... https://lists.sourceforge.net/lists/listinfo/inprotect-users |
From: Kenneth K. <ken...@gm...> - 2010-04-08 02:47:44
|
Regarding various characters that have special meaning in perl ( they need escaped. I guess in future versions I will have to read the input and escape them such as $ needs to be \$ # needs to be\# ' needs to be \' etc It should have worked if add the escapes to the passwords when typed in for now. Ken On Wednesday 07 April 2010 05:22:06 pm John Hally wrote: > yes good catch! Didn't even think of that. > > > > > > > > > > ________________________________ > > From: Isac Balder [mailto:pi...@ya...] > Sent: Wednesday, April 07, 2010 2:43 PM > To: Inprotect Users : General questions & announcements > Subject: Re: [Inprotect-users] More install issues > > > > John, > > > > Do you have special characters in your password. Mine was bombing on a > '$' i think. Had to temporarily weaken the password for the install. > > > > > > > I.B. > > "top posting cause yahoo makes me..." > > --- On Wed, 4/7/10, John Hally <JH...@eb...> wrote: > > > From: John Hally <JH...@eb...> > Subject: Re: [Inprotect-users] More install issues > To: "Inprotect Users : General questions & announcements" > <inp...@li...> > Date: Wednesday, April 7, 2010, 1:47 PM > > Reviewing further, it looks like it has nothing to do with the spacing, > but just fails with > > > > Access denied for user 'root'@'localhost' (using password: YES) > > > > I verified that I set a password for root@localhost like this: > > > > Mysql> SET PASSWORD FOR root@localhost=PASSWORD('password'); > > > > And it still fails. > > > > ?? > > > > > > ________________________________ > > From: John Hally [mailto:JH...@eb...] > Sent: Wednesday, April 07, 2010 12:07 PM > To: Inprotect Users : General questions & announcements > Subject: [Inprotect-users] More install issues > > > > All, > > > > Now running into the following during a fresh install. I'm obfuscating > the pwd with *'s below: > > > > 2010-04-07 12:03:37 [13936] FATAL BAD SCRIPT: at cmd=/usr/bin/mysql > -uroot -p"*****" -e "show databases like 'inprotect3';"> > /tmp/check_db_exists.tmp > > WITH OUTPUT: > > > > > > It looks like the cmd line is getting compressed together so that > instead of running mysql -u root -p <pwd> its -uroot -p<pwd> which > fails. I tried adding spaces and such in the install script but it > seems to just continue to do this. Any suggestions? > > > > Thanks. > > > -----Inline Attachment Follows----- > > ------------------------------------------------------------------------ > ------ > Download Intel(r) Parallel Studio Eval > Try the new software tools for yourself. Speed compiling, find bugs > proactively, and fine-tune applications for parallel performance. > See why Intel Parallel Studio got high marks during beta. > http://p.sf.net/sfu/intel-sw-dev <http://p.sf.net/sfu/intel-sw-dev> > > > -----Inline Attachment Follows----- > > _______________________________________________ > inprotect-users mailing list > inp...@li... > https://lists.sourceforge.net/lists/listinfo/inprotect-users > <https://lists.sourceforge.net/lists/listinfo/inprotect-users> > |