Linux

Check File integrity with Nessus (on Linux with md5sum and FILE_CHECK)

Objective Monitor file integrity by generating a hash and verify it with NessusRead More »

Network daemons not managed by the package system

Nessus Output Description Some daemon processes on the remote host are associated with programs that have been installed manually. System administration best practice dictates that an operating system’s native package management tools be used to manage software installation, updates, and removal whenever possible.Read More »

SSH Weak MAC Algorithms Enabled

Nessus Output Description The remote SSH server is configured to allow either MD5 or 96-bit MAC algorithms, both of which are considered weak. Note that this plugin only checks for the options of the SSH server, and it does not check for vulnerable software versions.Read More »

SSH Server CBC Mode Ciphers Enabled

Nessus Output Description The SSH server is configured to support Cipher Block Chaining (CBC) encryption. This may allow an attacker to recover the plaintext message from the ciphertext. Note that this plugin only checks for the options of the SSH server and does not check for vulnerable software versions.Read More »

RED HAT ENTERPRISE LINUX

Resources used for creating custom Nessus Auditfile for Red Hat Enterprise:Read More »

'for loop' in a Linux Nessus audit file

I’m working on a custom Linux auditfile with Oracle checks. I want this audit file to be generic, so no hardcoded instance names in the auditfile.Read More »