From: jpb (jpb@brown.edu)
Date: Wed Jun 09 2004 - 21:22:56 CDT
Thanks Josh,
I've posted the source for our current netreg front end.
You can get at it using the 'myconnection' link under the 'Code and
Setup' section from the following url.
http://www.brown.edu/Facilities/CIS/Projects/netreg/reggie/
I'll keep this link up.
I'm finishing up with another project right now and look forward to
putting code under the 'generic reggie' section. (empty today)
My goal is to have it totally non site specific code, like NetReg, I
never realized how hard it was to take localized crap out of code..
The README under the myconnection link should explain the front end.
The final step a a cookie aware southwestern NetReg 1.3, works well.
Again as the author of most of this code, it is 'as is', use it as you'd
like no credit needed.
-jpb
Josh Richard wrote:
> Sean,
>
> Here is some code you can use to get familiar with the module (from
> the examples directory of the perl module):
> See:
> http://search.cpan.org/~jpb/Net-Nessus-ScanLite-0.01/lib/Net/Nessus/ScanLite.pm
>
> For more information
>
> ==== begin
>
> #!/usr/local/bin/perl -Tw
> use strict;
> use Net::Nessus::ScanLite;
> use HTML::Template;
> use Data::Dumper;
> use CGI;
> use vars qw( );
> my $query = new CGI;
>
> $ENV{PATH} = '';
> $|=1;
> print $query->header;
>
> # Put the template where the cgi can read it.
> my $template = "/tmp/results.tmpl";
> # die_on_bad_params use this unless your getting all tmpl var's
> my $t = HTML::Template->new(filename => $template,die_on_bad_params
> => 0);
>
> my $user = "nessus";
> my $pwd = "******";
>
> my $nessus = Net::Nessus::ScanLite->new(
> host => "nessus.host.net",
> port => 1241,
> ssl => 0, # comment or set to 1 out if
> using ssl
> );
> # Modify the following as seems fit.
> $nessus->preferences( { host_expansion => 'none', safe_checks =>
> 'yes', checks_read_timeout => 1 });
> $nessus->plugin_set("10150;11111;10398;10859;10397;10114;10201");
>
> my $addr = $ENV{REMOTE_ADDR};
>
> $t->param("REMOTE_ADDR" => $addr);
> $t->param("plugin_set",$nessus->plugin_set);
> if( $nessus->login($user,$pwd) )
> {
> $nessus->attack($addr);
> $t->param( total_holes => $nessus->total_holes );
> $t->param( total_info => $nessus->total_info );
> $t->param( holes => $nessus->holes2tmpl );
> $t->param( info => $nessus->info2tmpl);
> $t->param( duration => $nessus->duration . " secs." );
> }
> else
> {
> $t->param("error" => $nessus->error );
> }
> print $t->output;
>
> ====
>
> total_holes returns the number of HOLES found in the scan.
> To use this with netreg to make decisions if you need to redirect
> hosts based on holes, you could check $nessus->total_holes > 0. The
> example below is a good place to start:
>
> #!/usr/local/bin/perl -Tw
> use strict;
> use Net::Nessus::ScanLite;
> use CGI;
> use CGI::Carp 'fatalsToBrowser'; # for testing
>
> use vars qw( );
> my $query = new CGI;
>
> $ENV{PATH} = '';
> $|=1;
>
> my $user = "nessus";
> my $pwd = "*******";
>
>
> my $NETREGURL = "https://netregbox.bar.baz";
> my $PATCHURL = "https://patchBOX.bar.baz";
>
>
> my $nessus = Net::Nessus::ScanLite->new(
> host =>
> "nessus_server.bar.baz",
> port => 1241,
> ssl => 1, #
> comment or set to 1 out if using ssl
> );
> # Modify the following as seems fit.
> $nessus->preferences( { host_expansion => 'none', safe_checks =>
> 'yes', checks_read_timeout => 1 });
> $nessus->plugin_set("12209");
>
> my $addr = $ENV{REMOTE_ADDR};
> if( $nessus->login($user,$pwd) ) {
> $nessus->attack($addr);
> if ($nessus->total_holes){
> print "Location: $PATCHURL\n\n";
> } else {
> #redirect using Location header to registration page
> print "Location: $NETREGURL \n\n" }
> }
>
> ====
>
> Hope that helps.
>
>
> Josh Richard University of Minnesota Duluth
>
>
>
>
> Sean Murphy wrote:
>
>> I'm trying to understand it myself:)
>>
>> I thought that a read something in the archives about NetReg using
>> Nessus thats when I followed the link and it was broken. Its up now
>> but does not have exactly what I am looking for.
>>
>> Currently I have NetReg setup and working without Nessus. I read
>> another archive about "Net-Nessus-ScanLite" but no exact instructions
>> on how to change the register page, scan the registering computer,
>> and depending on the results allow them to register or not. I also
>> read by passing a cookie to the registering machine when they pass
>> the Nessus scan. The next cgi will read that cookie and continue
>> with the Registration process. Is there anyone with code or
>> instructions to donate for NetReg and Nessus together with the
>> registration process and hopefully directions.
>>
>>
>>
>
> **********************************************************************
> To unsubscribe from this list, send an e-mail message to
> majordomo@southwestern.edu containing a single line with the words:
> unsubscribe netreg
> Send requests for assistance to: owner-netreg@southwestern.edu
> **********************************************************************
**********************************************************************
To unsubscribe from this list, send an e-mail message to
majordomo@southwestern.edu containing a single line with the words:
unsubscribe netreg
Send requests for assistance to: owner-netreg@southwestern.edu
**********************************************************************
This archive was generated by hypermail 2.1.4 : Thu Aug 12 2004 - 12:01:46 CDT