Nessus 2.2.10 “scan stops incomplete with remote host is dead message” on Debian Sid / How to resolve the Nessus not scanning issues on Debian Sid(Testing/unstable)

Thursday, 29th April 2010

I haven’t used my nessus installation which seemed to be hanging around since more than a year.
I have no memory which exactly was the last case I used Nessus in order to conduct some automated generalSecurity testing of Linux and Windows servers. However when I launched the nessus client and logged in to the Nessusd server and attempted to scan a host,I experienced an issue, whether scan was terminated in just about 3 seconds time.
I checked nessusd’s log file /var/log/nessus/nessusd.messages and found messages claiming,some file nessus plugin rules file dependencies were missing. The whole list of the file dependencieswhich caused my nessusd misbehaving you can read in nessusd.messages
In order to check this issues I had to select the tick Enable Dependencies at runtime in my Nessus Plugins tab

This solved the dependencies issues, however the nessus scanner was completing it’s scan in just a few seconds once again.
This time checking the nessus log file doesn’t provided me with any meaningful information on what could be causing Nessusrefusals to scan the node’s security.

A search in Google pointed me to the following forum which suggested a solution to the problems with nessus misbehaves.

The solution is really simple, somehow the whole scanning issues are caused by two Ticks in Nessus client program interface:
To solve the issues go to Nessus Client in Prefs. tab and uncheck the Do a TCP ping and Do an ICMP ping that will solve the issue for you.

Anyways before I can proceed to that firstIt was necessery for me to add a new user to it and start the nessus service.
Here is how I achieved that:

root@noah:~# nessus-adduser Now you will have to answer to a few questions:

Add a new nessusd user
----------------------

Login : baklava
Authentication (pass/cert) [pass] :
Login password :
Login password (again) :

User rules
———-nessusd has a rules system which allows you to restrict the hosts
that baklava has the right to test. For instance, you may want
him to be able to scan his own host only.

Please see the nessus-adduser(8) man page for the rules syntax
.
Enter the rules for this user, and hit ctrl-D once you are done :
(the user can have an empty rules set)

Login : baklava
Password : ***********
DN :
Rules :

Is that ok ? (y/n) [y]

All you need to fill from the above fill in fields is is the Login and Login Password
After you have filled that you have to press ctrl-D as the text instructs you.
On the “Is that ok field” just answer y and continue to bringing up the Nessus Network server.
Before you bring up the nessus daemon listening for connections from the nessus client, you’ll have to provide the serverwith a well configured nessusd.conf
I decided to share with you my nessusd.conf file in order to make your file a bit easier on that.
Download the copy of nessusd.conf here and place it in:
/etc/nessusd/ directory on your Linux system.
root@noah:~# /etc/init.d/nessusd start

Now I simply launched the nessus client program and started the scan. Thanksfully now Nessus worked like a charm ! 🙂

Share this on:

Download PDFDownload PDF

Tags:

2 Responses to “Nessus 2.2.10 “scan stops incomplete with remote host is dead message” on Debian Sid / How to resolve the Nessus not scanning issues on Debian Sid(Testing/unstable)”

  1. Abel Boote says:
    Firefox 3.5.3 Firefox 3.5.3 Windows XP Windows XP
    Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3

    Amaze You did a genuinely great employment on this thing.

    View CommentView Comment
  2. Hailey Stambek says:
    Firefox 3.5.3 Firefox 3.5.3 Windows XP Windows XP
    Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)

    I’ve been following your blog for 2 weeks now, I am always excited to read your new posts. This one was no exception, a great read yet again.

    View CommentView Comment

Leave a Reply

CommentLuv badge