HPE Community
Operating System - HP-UX
1820478 Members
2918 Online
109624 Solutions
New Discussion юеВ

Scanning with Nessus

 
SOLVED
Go to solution
Fred K. Abell Jr._1
Regular Advisor

тАО02-06-2007 04:05 AM

тАО02-06-2007 04:05 AM

Scanning with Nessus

Greetings:

I have installed Nessus from the HP-UX Internet Express package. I have done nessus-adduser, nessus-mkcert, and started the nessusd. When I start the nessus client and try to log into one of the users I added, I get the following error:

[1102] SSL_connect: error:00000000:lib(0):func(0):reason(0)

and a GUI with SSL error pops open.

I currently have openssl installed. Any Ideas of what is going on?

Fred
0 Kudos
Reply
5 REPLIES 5
Steven E. Protter
Exalted Contributor

тАО02-06-2007 04:23 AM

тАО02-06-2007 04:23 AM

Re: Scanning with Nessus

Shalom,

You should check that ssl is properly configured and the right version that nessus needs is installed. I'm not sure if the depot version checks that at install time, but it should.

Tell me how you are running the GUI. Are you connected via CDE, is your DIPLAY variable set and is the font server running, /etc/rc.config.d/xfs or /sbin/init.d/xfs start

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Fred K. Abell Jr._1
Regular Advisor

тАО02-06-2007 04:43 AM

тАО02-06-2007 04:43 AM

Re: Scanning with Nessus

I am running in CDE, logged in as root, running the default setup. The depot version of openssl is A.00.09.7i.012.

Fred
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

тАО02-06-2007 06:28 AM

тАО02-06-2007 06:28 AM

Re: Scanning with Nessus

Shalom Fred,

Check the release notes, but I tink I have some ideas.

Some ssl configuration is required before you use nessus.

http://www.ce.chalmers.se/edu/course/EDA262/Lab3.pdf

http://www.nessus.org/news/

http://www.nessus.org/documentation/nessus_3.0_client_guide.pdf

http://people.freebsd.org/~fenner/portsurvey/security.html

Seems a security certificate is required. I'd be shocked if the nessus setup documentation doesn't mention it.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

тАО02-06-2007 05:56 PM

тАО02-06-2007 05:56 PM

Solution

Re: Scanning with Nessus

Fellow forumers.

Doing a little extra on this thread. Offline email exchange. It can be fun.

Message received during testing of nessus.

Connection from 127.0.0.1 is rejected by libwrap

Do we agree that tcpwrappers may be interfering with the operation of this procuct? If so, whats the fix to the tcpwrappers config file?

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Fred K. Abell Jr._1
Regular Advisor

тАО02-07-2007 01:53 AM

тАО02-07-2007 01:53 AM

Re: Scanning with Nessus

OK,

I entered into my /etc/hosts.allow file the following:

nessusd 127.0.0.1:allow

and it got past the logging in problem.

Thanks for all the help SEP

Fred
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.