Nessus default Save As location

[johnemiller at gmail.com (John)]

If you pass a directory to NessusClient, it will use that as the default
save directory:

/opt/nessus/bin/NessusClient /tmp/

will use /tmp as the default save/open directory. You need to include
the trailing slash for this to work properly.

- John Miller

On Mon, 2009-01-19 at 20:40 -0600, Nathan Sweaney wrote:
> Ok, I'm not sure whether this is my lack of experience with linux or
> nessus, but either way I figured someone here can answer this.
>
> I'm using the Nessus gui in Ubuntu and when I start a new session and
> click "Save As" it defaults to the root of my home directory.  Is it
> possible to change that?  I have another location that I constantly have
> to change to & I've finally gotten tired of it enough to try to change
> it.  
>
> Thanks
>
> Nathan
>
> -----Original Message-----
> From: pauldotcom-bounces at mail.pauldotcom.com
> [mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of wishi
> Sent: Monday, January 19, 2009 10:25 AM
> To: PaulDotCom Security Weekly Mailing List
> Subject: [Pauldotcom] Make snort bite back - prevention issues
>
> Hi!
>
> I'm currently setting up a secure Linux (Debian) based server, and I
> want to apply some prevention in case of intrusion detection; and
> effective logging (not a mass of data).
>
> There's a great small list at Emerging Threat's docu site about
> snort-sam:
> http://doc.emergingthreats.net/bin/view/Main/SnortSam
>
> * I already applied some of the ready rule sets from there. They seem
> quite good.
>
> * One issue related to snort-sam is: In the documentation I found
> several parts, like White-list support of IP addresses that will never
> be blocked. Anyhow: I'm having a dynamic IP address, therefore I can't
> white-list it, because it is not static. This can cause problems I
> think. If somebody spoofs IPs, I can't be sure to be able to access the
> server any more (without KVM-IP...).
>
> * Furthermore only outgoing traffic matters. I don't really care for
> ssh-brute force attacks because it's highly unlikely to be successful.
>
>
> I just wonder what's a real best-practice IDS config; where to create
> logs, and how to organize them ;). In the end I want a pcap for an
> attack that took place, and a small logfile. That's all. But it seems I
> get a huge mass of logs I don't even need.
>
>
> wishi
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com