Did anyone install the Nessus server on a cobalt?
Any problems or issues?

Thanks!

what kind of package is that ?? Seems that no one knows it here.....

It is a very nice scanner that scans your servers for known exploits.
It gives you a full report with all warnings and stuff, including all cgi scipts that you users installed that have known exploits (someone installs an old version of formmail for instance).

It is certainly not perfect, but it is a very powerfull tool.

If i understood their website right you have to install a server part on a linux server, you can login with a client from you own computer (linux or windows) and scan your servers. You can even try a dos attack to see if it holds up i believe.

One of my customers sent me a html file with a report of one of my servers :uhh:
I can't stand it when my clients know more about this stuff then i do ;)

Any and all information is more then welcome.

Thanks

whow did you shut down the customer ??? We have strictly forbidden our customers portscanning there own server. They will btw probably be killed by portsentry but still.

I have a look to see if I can find out more.

I asume you have seen this ??

http://www.nessus.org/install.html

Well indeed a bit strange that portsentry did not do its job.

I have seen the install manual, but i'm afraid it will kill something on those sensative raqs :-).
The problem with these things is that i never know exactly what i'm doing following these guides.

Dont you have a nonproduction raq available to test it first ??

I will try for you, but i dont have time untill the weekend.

Another free tip. Is your portsentry configuered tight enough ???

Perhaps you haven't shut down all unneeded ports..

I did not make portsentry that tight, i had some customers who had problems after a normal SSL connect (their ip was dropped to hosts.deny).

It probably was down at the moment (i hope).

All my raqs are in use, and i'm not gonna experiment on my brand new Raq550 because i need it in a couple of days .

As far as i know Nessus is not such an exotic program, surely someone must have tried it?

well lets wait and see if some has done it before.