Red Hat NETWORK 3.6 - Betriebsanweisung PDF herunterladen (Seite 58)

APPENDIX 3: WORKING WITH NESSUS

It is possible to view a PVS report from within the Nessus interface by enabling the nessus-

report-file option in /opt/pvs/etc/pvs.conf and setting the path and filename for the

report file output. To ensure that the greatest amount of PVS data is able to be imported

into Nessus, it is necessary that the nessus-report-version be set to “2” as shown below.

1. Once the report is generated you may import the resulting .nessus file directly into

your Nessus server. Confirm that the file is in a location that you can access from

your web browser.

2. To import a scan, click on the “Upload” button from the “Reports” screen in the

Nessus management interface. Use the “Browse…” button to select the .nessus scan

file you want to import and click “Submit”. Nessus will parse the information and

make it available in the “Reports” interface where it may be viewed as any other

report.

TUNING FOR NESSUS ONLY REPORTING

If SecurityCenter is not to be used to view PVS reports, there are opportunities to optimize

settings in the PVS configuration to enhance its performance by disabling features that are

unneeded when it is to only be viewed in the Nessus interface.

Review and tune monitored and excluded networks. Open the /opt/pvs/etc/pvs.conf file

with a text editor. Networks are specified using CIDR notation and placed between the

brackets after the directive. The networks option specifies the networks to be monitored.

This is initially set by the PVS installation script and specifies your monitored network

address space. The excluded-networks option specifies any networks that are to be

excluded from PVS monitoring. If left blank, no addresses will be excluded.

When using PVS with Nessus only reporting, disable the following PVS reporting options in

pvs.conf unless specifically needed for other uses:

1 2 ... 53 54 55 56 57 58 59 60 61

Keine Kommentare

Red Hat NETWORK 3.6 - Betriebsanweisung Seite 58