From: Ricardo M. Stella (stella@rider.edu)
Date: Thu Jul 01 2004 - 18:57:37 CDT
FYI,
I've been looking more in depth at the Brown NetReg code... The good
thing about that is that it integrates the use of cookies to prevent
bypassing the scanning.
The bad thing is that it's so heavily branded to use by Brown that I'm
pulling line by line literally...
I was able to replace the LDAP code and use standard Net::LDAP instead of
their own version, using the Netreg's 1.3 ldap routines. That at least
works...
Next is the scanning portion. Right now, it seems that it detects to see
if the client is a windows OS from $ENV{CLIENT_OS} and only performs a
scan if it's 'win'. I think I just tracked down the function that set's
that up from HTTP_USER_AGENT, so I can actually do a scan. Cause up until
now it would detect it as unknown, and therefore skip the scan.
I'm still not sure how far I'll get, after the scanning... It still needs
to do the registration after that.
I know that Brown will be tarring a non-branded version of Reggie. But
I'd hope to see something similar from their NetReg...
My .02...
> Dave,
>
> I understand that Net::Nessus::ScanLite is a perl module. I will see if I
> can integrate that with my PHP code. It shouldn't be too much of a
> problem. Thanks for sharing your code with the netreg community I'm sure I
> speak for many when I say "thank you."
>
> Justin Turner
**********************************************************************
To unsubscribe from this list, send an e-mail message to
majordomo@southwestern.edu containing a single line with the words:
unsubscribe netreg
Send requests for assistance to: owner-netreg@southwestern.edu
**********************************************************************
This archive was generated by hypermail 2.1.4 : Thu Aug 12 2004 - 12:01:46 CDT