[TriLUG] nessus, and reports from nessus, experts out there?

Kevin Flanagan kevin at flanagannc.net
Thu Sep 2 21:10:25 EDT 2004


All,


I have a desire to do some stuff at work with Nessus and have found
some of what would be nice on SourceForge, but not enough. Here's the
sketch of the desired functionality:

Reports: see http://enterprise.bidmc.harvard.edu/pub/nessus-php/ This is
a good idea, but there's not much in the line of control of who sees
what.  Short but sweet reports like Nessus already does work for me, but
the PHB types need prettier stuff.

Delegated scanning: it would be great to have the security group "own"
the system and most of the process, i.e. what constitutes a scan that
will pass muster for deployment in a DMZ, but to delegate this off to
the folks doing the systems engineering (that would be me) to actually
run these scans while developing the solution. They would also like to
restrict what systems can be scanned, by IP range, that would indicate
that they were in a test lab, or requiring permissions on the target
system, something that would keep me from launching a scan of one of the
core database systems in the middle of the day by mistake.


Store results from scans in a database: the stuff above from Harvard
does a pretty good job of that.


So, the question to the group is, has anyone done anything like this?  I
think that what we are looking to do will become a new project,
hopefully a sourceforge and GPL type of one.  This is just one of the
security guys and myself working on this in "our spare time" right now,
and we have just started that.  We hope to be able to connect with other
projects that are already underway and get resources, code, or some help
from them.

If anyone knows of anything that I should check out for functionality or
just ideas, please holler.


Thanks in advance,



    Kevin


-- 

+--------------------------------------------------------------+
If you never see anything that offends you, you aren't living in a free
society

Kim Campbell - Former Canadian Prime Minister
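
The IP-range restriction described under "Delegated scanning" above, as an added example that is not part of the original post or of Nessus: a pre-launch check that approves only targets inside ranges delegated to the operator and refuses anything touching a protected range. The policy layout, user name, addresses and function names are assumptions made up for illustration.

```python
import ipaddress

# Constructed policy: user names and ranges are illustrative assumptions.
POLICY = {
    "allowed": {"syseng": ["10.20.0.0/16", "192.168.50.0/24"]},  # delegated lab ranges
    "protected": ["10.20.5.0/24"],  # e.g. core database hosts, never delegated
}

def _networks(cidrs):
    return [ipaddress.ip_network(c) for c in cidrs]

def parse_target(target):
    """Turn 'a.b.c.d', 'a.b.c.d/nn' or 'start-end' into a list of networks."""
    if "-" in target:
        start, end = (ipaddress.ip_address(p.strip()) for p in target.split("-", 1))
        return list(ipaddress.summarize_address_range(start, end))
    return [ipaddress.ip_network(target, strict=False)]

def _inside(net, allowed):
    # subnet_of() raises TypeError on mixed IPv4/IPv6, so compare versions first.
    return any(net.version == a.version and net.subnet_of(a) for a in allowed)

def authorize_scan(user, targets, policy=POLICY):
    """Return (approved, rejected); rejected maps each target to a reason."""
    allowed = _networks(policy["allowed"].get(user, []))
    protected = _networks(policy["protected"])
    approved, rejected = [], {}
    for target in targets:
        try:
            nets = parse_target(target)
        except (ValueError, TypeError):
            # Fail closed: host names are refused because DNS could point
            # anywhere at scan time; only literal addresses are checked.
            rejected[target] = "unparseable target"
            continue
        if any(n.overlaps(p) for n in nets for p in protected):
            rejected[target] = "overlaps protected range"
        elif not all(_inside(n, allowed) for n in nets):
            rejected[target] = "outside delegated ranges"
        else:
            approved.append(target)
    return approved, rejected

if __name__ == "__main__":
    ok, bad = authorize_scan("syseng", ["10.20.1.15", "10.20.4.250-10.20.5.3"])
    print("approved:", ok)
    print("rejected:", bad)
```

The check belongs in whatever front end launches the scan, so that the scanner is only ever handed the approved list.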


