Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Nessus: plugins

Mac OS X identification

  

 
Nessus plugins RSS feed   Index | Next | Previous | View Threaded


ammann at lanl

Oct 29, 2007, 2:32 PM

Post #1 of 2 (1093 views)
Permalink
Mac OS X identification
I have several Mac OS X boxes running versions between 10.4.4 and
10.4.7. All of these boxes trigger macosx_10_4_10.nasl but not
macosx_10_4_9.nasl.

macosx_10_4_9.nasl says:
os = get_kb_item("Host/MacOSX/Version");
if ( ! os ) os = get_kb_item("mDNS/os");
if ( ! os ) exit(0);

macosx_10_4_10.nasl says:
os = get_kb_item("Host/MacOSX/Version");
if ( ! os ) os = get_kb_item("Host/OS");
if ( ! os ) exit(0);

The output from plugin 11936 for some these reports that the OS
identification was done using NTP. For others it says SinFP.

Why does one plugin use mDNS and one use Host/OS? (Just curious.)

Can macosx_10_4_9.nasl be updated to use the Host/OS? Or whatever change
would be most appropriate? We'd sure like to pick up those, too, as we'd
like to politely inform users they're running 10.4.9 and more forcefully
inform them they're running 10.4.8 and older.

Thanks.

Cheryl

_______________________________________________
Plugins-writers mailing list
Plugins-writers [at] list
http://mail.nessus.org/mailman/listinfo/plugins-writers


deraison at nessus

Oct 29, 2007, 2:57 PM

Post #2 of 2 (999 views)
Permalink
Re: Mac OS X identification [In reply to]
Hi Cheryl,


On Oct 29, 2007, at 5:32 PM, Cheryl Ammann wrote:

> I have several Mac OS X boxes running versions between 10.4.4 and
> 10.4.7. All of these boxes trigger macosx_10_4_10.nasl but not
> macosx_10_4_9.nasl.
>
> macosx_10_4_9.nasl says:
> os = get_kb_item("Host/MacOSX/Version");
> if ( ! os ) os = get_kb_item("mDNS/os");
> if ( ! os ) exit(0);
>
> macosx_10_4_10.nasl says:
> os = get_kb_item("Host/MacOSX/Version");
> if ( ! os ) os = get_kb_item("Host/OS");
> if ( ! os ) exit(0);
>
> The output from plugin 11936 for some these reports that the OS
> identification was done using NTP. For others it says SinFP.
>
> Why does one plugin use mDNS and one use Host/OS? (Just curious.)

Because one predates the big os fingerprint overall we had several
months ago.
I've updated the plugin to use Host/OS as well.


Thanks for notifying us,


-- Renaud


_______________________________________________
Plugins-writers mailing list
Plugins-writers [at] list
http://mail.nessus.org/mailman/listinfo/plugins-writers

Nessus plugins RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.