deraison at nessus
Nov 4, 2004, 7:45 AM
Post #2 of 2
On Thu, Nov 04, 2004 at 12:58:05PM +0100, Jan-Oliver Wagner wrote:
> I am searching for sepecification of the syntax for
> the user access rules. All I found so far is:
> fprintf(f, "#\n# Nessus rules\n#\n\n");
> fprintf(f, "# Syntax : accept|reject address/netmask\n");
> fprintf(f, "\n# Accept to test anything : \n");
> fprintf(f, "default accept\n");
> in nessusd/rules.c
action = accept | reject | deny
target = ip | ip/cidr | "client_ip"
rule = <action> <target> | "default" <action>
It works like a firewall : you define a set of hosts you want/don't want
to scan, and you finish your statement with a default policy.
The order of the policies is :
And then the user can restrict his scope thru the GTK client.
Once a scope has been defined in nessusd.rules, it can only be reduced
furthermore, not be expanded.