This is being logged in nessusd.dump, right?

Also, what's the revision of that plugin (netstat_portscan.nasl)? 1.9 is
the latest.

George

It turns out this was a problem introduced in ssh_func.inc yesterday and
fixed a few hours ago. Update your plugins if you haven't already and
this should be fixed.

George

Okay, well, when I had that yesterday, I decided to try installing from the
gzip files instead of using the installer script. That fixed the
'get_hostname' problem, but I ended up with a new bpf problem. Since you
posted this, I've decided to uninstall and reinstall Nessus again (using the
installer script this time). When it starts the installation, it recognizes
that gtk isn't available and says that it will install without the gui.
Great, this is what I want. However, as the script continues, I see the
following:

exec.c: In function `execute_nasl_script':
exec.c:1822: warning: assignment discards qualifiers from pointer target
type
nasl_func.c: In function `insert_nasl_func':
nasl_func.c:100: warning: passing arg 4 of `qsort' from incompatible pointer
type

Just a few lines after that, I also see:

x -- Configuring the sources for your system
configure: warning: **** gtk not found

Is any of this stuff normal or typical? The compilation errors look
feasible, but I'm not sure if that's just how the code is written and the
compiler is mistaken. As far as the configure warning, I would think that
configure would recognize that gtk wasn't installed and would not need to
display this warning. Am I incorrect?

Thanks.

Chad Uretsky
Lead Network and Security Engineer, IT | NetIQ Corporation





-----Original Message-----
From: nessus-***@list.nessus.org [mailto:nessus-***@list.nessus.org]
On Behalf Of George A. Theall
Sent: Thursday, July 14, 2005 9:00 PM
To: ***@list.nessus.org
Subject: Re: New error in my nessus.dump file
It turns out this was a problem introduced in ssh_func.inc yesterday and
fixed a few hours ago. Update your plugins if you haven't already and this
should be fixed.

George

Okay, follow-up....

Looks like that install did work, and I can even get Nessus to detect
plugins 18027, 18028, and 18502 now. However, it appears that somehow,
auto_enable_dependencies got broken. The server will not automatically scan
for dependencies. If I manually turn on plugins 10150, 11011, 10785, and
12213, then the plugins will work. Without them, regardles of the fact that
I have auto_enable_dependencies set to 'yes' in both nessusd.conf and the rc
file I'm using for the scans, it does not launch the necessary plugins.

Also, and I'm not sure if this is related in any way, I found a typo in
11011 (cifs445.nasl). In this script, 'script_dependencies' is misspelled
as 'script_dependencie' (missing the final 's').

Thank you George and Renaud for all your help!

Chad



-----Original Message-----
From: nessus-***@list.nessus.org [mailto:nessus-***@list.nessus.org]
On Behalf Of Chad I. Uretsky
Sent: Friday, July 15, 2005 8:08 AM
To: 'George A. Theall'; '***@list.nessus.org'
Subject: RE: New error in my nessus.dump file


Okay, well, when I had that yesterday, I decided to try installing from the
gzip files instead of using the installer script. That fixed the
'get_hostname' problem, but I ended up with a new bpf problem. Since you
posted this, I've decided to uninstall and reinstall Nessus again (using the
installer script this time). When it starts the installation, it recognizes
that gtk isn't available and says that it will install without the gui.
Great, this is what I want. However, as the script continues, I see the
following:

exec.c: In function `execute_nasl_script':
exec.c:1822: warning: assignment discards qualifiers from pointer target
type
nasl_func.c: In function `insert_nasl_func':
nasl_func.c:100: warning: passing arg 4 of `qsort' from incompatible pointer
type

Just a few lines after that, I also see:

x -- Configuring the sources for your system
configure: warning: **** gtk not found

Is any of this stuff normal or typical? The compilation errors look
feasible, but I'm not sure if that's just how the code is written and the
compiler is mistaken. As far as the configure warning, I would think that
configure would recognize that gtk wasn't installed and would not need to
display this warning. Am I incorrect?

Thanks.

Chad Uretsky
Lead Network and Security Engineer, IT | NetIQ Corporation





-----Original Message-----
From: nessus-***@list.nessus.org [mailto:nessus-***@list.nessus.org]
On Behalf Of George A. Theall
Sent: Thursday, July 14, 2005 9:00 PM
To: ***@list.nessus.org
Subject: Re: New error in my nessus.dump file
It turns out this was a problem introduced in ssh_func.inc yesterday and
fixed a few hours ago. Update your plugins if you haven't already and this
should be fixed.

George

Auto_enable_dependencies is enabled in nessusd.conf. I did check that
previously, and even restarted nessusd to make sure that it was loaded.
Still, this problem continues.

Thanks.

Chad



-----Original Message-----
From: nessus-***@list.nessus.org [mailto:nessus-***@list.nessus.org]
On Behalf Of George A. Theall
Sent: Friday, July 15, 2005 3:23 PM
To: ***@list.nessus.org
Subject: Re: New error in my nessus.dump file
Make sure it's also enabled in nessusd.conf. If you need to change it,
you'll need to restart nessusd for the change to take effect.
Actually, the misspelling is legal syntax -- I suspect too many plugins were
written before the error was noticed and fixed.

George

I've checked the nessusd.conf and my rc file. I don't see anything that
would disable auto_enable_dependencies, nor do I see anything that should
cause Nessus to reuse kb results from an earlier scan (all kb options are
set to 'no').

Thanks again for your help, George.

Chad



-----Original Message-----
From: nessus-***@list.nessus.org [mailto:nessus-***@list.nessus.org]
On Behalf Of George A. Theall
Sent: Friday, July 15, 2005 7:20 PM
To: ***@list.nessus.org
Subject: Re: New error in my nessus.dump file
Sorry, I missed that before.

I'm not really sure what could be going on then... Is it possible that the
setting occurs more than once in either file? Or that you're reusing
knowledge base results from an earlier scan/


George

I enabled OS identification in the NMAP settings and it does now list the
Cisco IOS version in the results. But doesn't explicitly indicate it's a
WAP.

nessusd -d:
This is Nessus 2.2.4 for Linux 2.4.22-2fsmp
compiled with gcc version 3.2.2 20030217 (Yellow Dog Linux 3.0 3.2.2-2a)
Current setup :
nasl : 2.2.4
libnessus : 2.2.4
SSL support : enabled
SSL is used for client / server communication
Running as euid : 0

Did the other changes you suggested and re-ran the scan. It finds all the
open ports but doesn't seem to identify the WAPs specifically, just says
it's a Cisco IOS...

Ok, I tried removing /usr/local/lib/nessus/plugins/.desc and restarted
nessusd, but auto_enable_dependencies is still not working. I've also
updated my plugins (today), and now it looks like plugin 12213
(tcp_seq_window.nasl) is no longer working. :-(

Oh, I use newsyslog to automatically rotate nessusd.dump (as well as
nessusd.message), and I HUP nessus every night a few minutes after the log
rotation so that it will connect back to the log file (I've noticed that if
I don't HUP the process, nessusd will stop writing to its logs).

Here's the results of nessusd -d:

========================================
This is Nessus 2.2.4 for FreeBSD 4.8-RELEASE-p7
compiled with gcc version 2.95.4 20020320 [FreeBSD]
Current setup :
nasl : 2.2.4
libnessus : 2.2.4
SSL support : enabled
SSL is used for client / server communication
Running as euid : 0


Include these infos in your bug reports
========================================


I hope the fixes coming Friday in 2.2.5 take care of this.

Thanks again for the help.

Chad



-----Original Message-----
From: nessus-***@list.nessus.org [mailto:nessus-***@list.nessus.org]
On Behalf Of George A. Theall
Sent: Monday, July 18, 2005 10:28 AM
To: ***@list.nessus.org
Subject: Re: New error in my nessus.dump file
Hmm, try this: remove the directory /usr/local/lib/nessus/plugins/.desc,
restart nesssud, and rerun a scan. Does auto_enable_dependencies work this
time? It also might not be a bad idea to remove / rotate nessusd.dump to
avoid confusing things.

Also, what does "nessusd -d" report?

George