0000786: nessus scan from the admin web ui is broken with nessus 3 - PacketFence

PacketFence - BTS - PacketFence

View Issue Details

Project

Category

View Status

Date Submitted

Last Update

0000786

PacketFence

public

2009-08-27 17:52

2011-01-26 15:43

Reporter

obilodeau

Assigned To

obilodeau

Priority

normal

Severity

minor

Reproducibility

sometimes

Status

closed

Resolution

fixed

Platform

OS Version

Product Version

Target Version

Fixed in Version

fixed in git revision

fixed in mtn revision

Summary

0000786: nessus scan from the admin web ui is broken with nessus 3

Description

Error:
Aug 27 17:20:26 pfcmd(0): Nessus login failed: 1: Connect to 192.168.1.60:1241 failed. (IO::Socket::INET configuration failederror:00000000:lib(0):func(0):reason(0)) (pf::trigger::trigger_scan)

Upstream Net::Nessus::ScanLite makes an assumption about the SSL certificate type provided by the nessus sever.

In the cod in the new sub:
<code>
        my $self = bless {
                _code => 0,
                _error => "",
                ntp_version => '1.2',
                host => undef,
                port => 1241,
                user => undef,
                password => undef,
                #ssl_version => 'TLSv1',
                ssl_version => 'SSLv2/3',
                timeout => 1,
                ssl => 1,
                debug => 1,
                _cfg => undef,
                _section => 'nessus',
                _duration => 0,
                _prefsect => 'preferences',
                _defsection => 'defaults',
                _holes => [],
                _info => [],
                preferences => {},

        },$class;

</code>

I changed timeout to 10 and ssl to TLSv1 and it started to work again.

I was able to reproduce in our lab 100% of the time. Pretty sure nessus 3 started to use TLS instead of SSLvX.

We may have to provide the rpm in our repo with the TLSv1 option instead of SSL and a timeout that makes more sense...

Steps To Reproduce

Additional Information