head	1.5;
access;
symbols
	pkgsrc-2013Q2:1.5.0.6
	pkgsrc-2013Q2-base:1.5
	pkgsrc-2012Q4:1.5.0.4
	pkgsrc-2012Q4-base:1.5
	pkgsrc-2011Q4:1.5.0.2
	pkgsrc-2011Q4-base:1.5
	pkgsrc-2011Q2:1.4.0.58
	pkgsrc-2011Q2-base:1.4
	pkgsrc-2011Q1:1.4.0.56
	pkgsrc-2011Q1-base:1.4
	pkgsrc-2010Q4:1.4.0.54
	pkgsrc-2010Q4-base:1.4
	pkgsrc-2010Q3:1.4.0.52
	pkgsrc-2010Q3-base:1.4
	pkgsrc-2010Q2:1.4.0.50
	pkgsrc-2010Q2-base:1.4
	pkgsrc-2010Q1:1.4.0.48
	pkgsrc-2010Q1-base:1.4
	pkgsrc-2009Q4:1.4.0.46
	pkgsrc-2009Q4-base:1.4
	pkgsrc-2009Q3:1.4.0.44
	pkgsrc-2009Q3-base:1.4
	pkgsrc-2009Q2:1.4.0.42
	pkgsrc-2009Q2-base:1.4
	pkgsrc-2009Q1:1.4.0.40
	pkgsrc-2009Q1-base:1.4
	pkgsrc-2008Q4:1.4.0.38
	pkgsrc-2008Q4-base:1.4
	pkgsrc-2008Q3:1.4.0.36
	pkgsrc-2008Q3-base:1.4
	cube-native-xorg:1.4.0.34
	cube-native-xorg-base:1.4
	pkgsrc-2008Q2:1.4.0.32
	pkgsrc-2008Q2-base:1.4
	cwrapper:1.4.0.30
	pkgsrc-2008Q1:1.4.0.28
	pkgsrc-2008Q1-base:1.4
	pkgsrc-2007Q4:1.4.0.26
	pkgsrc-2007Q4-base:1.4
	pkgsrc-2007Q3:1.4.0.24
	pkgsrc-2007Q3-base:1.4
	pkgsrc-2007Q2:1.4.0.22
	pkgsrc-2007Q2-base:1.4
	pkgsrc-2007Q1:1.4.0.20
	pkgsrc-2007Q1-base:1.4
	pkgsrc-2006Q4:1.4.0.18
	pkgsrc-2006Q4-base:1.4
	pkgsrc-2006Q3:1.4.0.16
	pkgsrc-2006Q3-base:1.4
	pkgsrc-2006Q2:1.4.0.14
	pkgsrc-2006Q2-base:1.4
	pkgsrc-2006Q1:1.4.0.12
	pkgsrc-2006Q1-base:1.4
	pkgsrc-2005Q4:1.4.0.10
	pkgsrc-2005Q4-base:1.4
	pkgsrc-2005Q3:1.4.0.8
	pkgsrc-2005Q3-base:1.4
	pkgsrc-2005Q2:1.4.0.6
	pkgsrc-2005Q2-base:1.4
	pkgsrc-2005Q1:1.4.0.4
	pkgsrc-2005Q1-base:1.4
	pkgsrc-2004Q4:1.4.0.2
	pkgsrc-2004Q4-base:1.4
	pkgsrc-2004Q3:1.3.0.4
	pkgsrc-2004Q3-base:1.3
	pkgsrc-2004Q2:1.3.0.2
	pkgsrc-2004Q2-base:1.3
	pkgsrc-2004Q1:1.2.0.10
	pkgsrc-2004Q1-base:1.2
	pkgsrc-2003Q4:1.2.0.8
	pkgsrc-2003Q4-base:1.2
	netbsd-1-6-1:1.2.0.4
	netbsd-1-6-1-base:1.2
	netbsd-1-6:1.2.0.6
	netbsd-1-6-RELEASE-base:1.2
	pkgviews:1.2.0.2
	pkgviews-base:1.2
	buildlink2:1.1.1.1.0.2
	buildlink2-base:1.2
	netbsd-1-5-PATCH003:1.1.1.1
	netbsd-1-5-PATCH001:1.1.1.1
	netbsd-1-5-RELEASE:1.1.1.1
	netbsd-1-4-PATCH003:1.1.1.1
	pkgsrc-base:1.1.1.1
	TNF:1.1.1;
locks; strict;
comment	@# @;


1.5
date	2011.10.02.18.18.07;	author joerg;	state dead;
branches;
next	1.4;

1.4
date	2004.11.02.00.01.04;	author adrianp;	state Exp;
branches;
next	1.3;

1.3
date	2004.05.19.16.23.12;	author adam;	state Exp;
branches;
next	1.2;

1.2
date	2002.05.10.13.18.46;	author frueauf;	state Exp;
branches;
next	1.1;

1.1
date	2000.07.30.11.13.09;	author frueauf;	state Exp;
branches
	1.1.1.1;
next	;

1.1.1.1
date	2000.07.30.11.13.09;	author frueauf;	state Exp;
branches
	1.1.1.1.2.1;
next	;

1.1.1.1.2.1
date	2002.06.23.18.59.04;	author jlam;	state Exp;
branches;
next	;


desc
@@


1.5
log
@Remove Nessus. The distfiles haven't been provided in a long, long time
by upstream and they haven't been mirrored either.
@
text
@$NetBSD: patch-aa,v 1.4 2004/11/02 00:01:04 adrianp Exp $

--- nessusd/Makefile.orig	2004-10-29 17:39:48.000000000 +0100
+++ nessusd/Makefile	2004-10-29 17:40:25.000000000 +0100
@@@@ -53,7 +53,7 @@@@
 	cp nessus-check-signature ${make_bindir}/nessus-check-signature
 
 nessusd : cflags $(OBJS)
-	$(CC) $(LDFLAGS) $(NESSUS_INCLUDE) $(OBJS)  -o nessusd $(LIBS)
+	$(CC) $(LDFLAGS) $(NESSUS_INCLUDE) $(OBJS)  -o nessusd $(LIBS) $(RUN_LIBS)
 
 nessus-check-signature : cflags nessus-check-signature.o
 	$(CC) $(LDFLAGS) $(NESSUS_INCLUDE) nessus-check-signature.o  -o nessus-check-signature $(LIBS)
@


1.4
log
@- Update nessus to 2.2.0
- ok'ed frueauf

Local security checks over SSH : Nessus can now log into the remote hosts
to determine their patch levels and missing updates

A rewritten internal knowledge base API : the new knowledge base API makes
KB access faster and lets the plugins store any amount of data

An improved internal communication between the various nessusd processes, thus
reducing the overhead it takes to handle the results of the plugins and pass
them to the client

An improved plugin scheduler which reduces the time Nessus needs to organize
the order in which plugins should be launched

Sensitive scripts (which can execute commands over SSH) are cryptographically
signed
@
text
@d1 1
a1 1
$NetBSD$
@


1.3
log
@Changes 2.0.10a:
* Fixed MacOS X portability issues
* Non-intrusive OS-fingerprinting (based on xprobe's techniques)
* DNS fingerprinting
* killall -1 nessusd does not restart the bpf server on BSD systems
* longer connect() timeout for TCP sockets
* Fixed hydra.nes
* WWW fingerprinting
* IP addresses are now sorted in EVERY reports
* Automagically rewrite banners to handle distributions which do
  backporting of security fixes (ie: Debian)
@
text
@d3 4
a6 4
--- nessusd/Makefile.orig	2003-01-31 14:44:45.000000000 +0000
+++ nessusd/Makefile
@@@@ -50,7 +50,7 @@@@ ${make_bindir}/nessusd : nessusd
 	cp nessusd ${make_bindir}/nessusd
d12 2
a13 2
 users.o : cflags users.c users.h
 	$(CC) $(CFLAGS) $(NESSUS_INCLUDE) -c users.c 
@


1.2
log
@Update libnasl, nessus{-core,-libraries,-plugins} to 1.2.0.

1.1.15/1.2.0 :

. changes by Nicolas Dubee (ndubee@@secway.com) :
- Better support for AF_UNIX sockets

. changes by Brian (bmc@@snort.org) :
- CVE references
- several bugfixes in the plugins

. changes by Peter Gründl (pgrundl@@kpmg.dk) and
  Carsten Joergensen (carstenjoergensen@@kpmg.dk) :
- Extensive review of the plugins and therefore numerous fixes

. changes by Axel Nennker (Axel.Nennker@@t-systems.com)
- FD leak in save_kb.c fixed

. changes by Renaud Deraison (deraison at nessus.org)
- It is now possible to upload files to the server when using
  the command line client
- lrand48() portability problems worked around
- fixed a bug in the report window that would make it crash
  randomly

1.1.14 :

. changes by Renaud Deraison (deraison at nessus.org)
- SMB fixes (thanks to Michael Scheidell)
- When the safe checks option is enabled, dangerous tests with no
  alternate code (ie: plugins of type ACT_DESTRUCTIVE_ATTACK and
  ACT_DENIAL) are disabled
- Hosts can be designated by their MAC address of instead of their
  IP address (mostly useful for DHCP networks)
- Fixed a bug in the report generation which would replace newlines (\n)
  by semi-columns (;)
- Fixed a bug in the export of some types of reports, where open ports
  with no data associated would not be saved
- Integrated THC's Hydra as a Nessus plugin
- Added new NT security checks (related to user management)
- Plugins of type ACT_SETTINGS can not be disabled
- Fixed a bug which would make nessusd hang when a scanner was reporting
  too many open ports (as when a UDP scan reports all UDP ports as
  being open)

. changes by Dion Stempfley (dion at riptech.com)
- The client can now filter on category

. changes by Axel Nennker (Axel.Nennker@@t-systems.com)
- Fixed some plugins causing error messages in some circumstances
  (dns_xfer.nasl, snmp_processes.nasl...)
- Stylish changes to prevent gcc -Wall from whining in some files
- XML NG output is now XML compliant
- Bug fixes

. changes by Jenni Scott (jenni.scott@@guardent.com) and
  Michael Slifcak (michael.slifcak@@guardent.com) :
- Improved the reporting of the plugins (better consistency, better
  wording)

1.1.13 :

. changes by Michel Arboi (arboi at algoriel.fr)
- New family ACT_SETTINGS dedicated to plugins which just let the user
  enter some preferences
- Optional NIDS evasion techniques (url encoding, tcp slicing)

. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug in the command line client which would make it ignore
  some preferences
- SMB checks can now log into a Windows domain
- NIDS evasion techniques (data injection, short ttl)
- Fixed a bug which would randomly stall the scan

1.1.12 :

. changes by Renaud Deraison (deraison at nessus.org)
- Workarounds on FreeBSD to prevent a kernel panic
  (thanks to Michael Scheidell and Stefan Esser)
- nessus can export reports as other file formats again

1.1.11 :

. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug regarding the saving of reports from the GUI
- Improved the backend in many ways (speed-wise, content-wise)
- Changes in the protocol
- More messages are sent between the server and the client (timestamps,
  plugins version, ...)
- New .nbe file format, which looks like .nsr but has more information
  in it
- Plugins now have versions numbers.
- The user can upload his plugins to the nessusd server from the client
- It is now possible to upload files to the server (ie: nmap's results) in
  command-line mode
- Fixed false positives in SNMP plugins when launched against a non-configured
  Solaris snmpd

. changes by Guillaume Valadon (guillaume at valadon.net)
- New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch])

1.1.10 :

. changes by Renaud Deraison (deraison at nessus.org)
- Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from
  aborting an on-going test
- Fixed a bug in the client which would prevent the user from setting a port
  range longer than 255 chars
- Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next()   is now more flexible.
- Fixed a bug in the command line client which would make it close the
  communication too early when the client - server communication is not
  ciphered
- Added an "auto-load dependencies at runtime" option

1.1.9 :

. changes by Renaud Deraison (deraison at nessus.org)
- Fix in the GUI, when closing a saved report
- Fixed a bug in ftp_log_in() which would prevent nasl script from
  logging into some FTP servers
- Solaris build problems fixed
- Darwin 1.4.1 build problems fixed
- MkLinux DR3 build problems fixed  (is anyone using it anymore ?)
- GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though)
- Fixed the "wrong call to getopt" problem which would make Nessus
  segfault when built with cygwin, and which would prevent options
  from working under Solaris & FreeBSD (thanks to Udo Schweigert)
- SMB checks speedup (thanks to Georges Dagousset's suggestion)
- Fixed a bug in the client - server communication that would make the
  server close the communication when the client is idle
- Better support for AF_UNIX socket for client-server communication
  (compile nessus-core with ./configure --enable-unix-socket)
- Plugins are disabled by default in batch mode

. changes by Michel Arboi (arboi at algoriel.fr)
- Client now properly checks the certificate of the server

. changes by Benoit Brodard (bbrodard at arkoon.net)
- fixed bugs in nasl/tcp.c (checksum, handling of unsigned int)


1.1.8 :

. changes by Renaud Deraison (deraison at nessus.org)
- Workaround for systems with a low number of bpfs (OpenBSD, Darwin)
- Added some length checks for SMB checks
- No more zombies
- Fixed accounts.nes
- Fixed the reporting of the client (reports would be mixed)
- Client removes tempfiles when exiting
- Repaired ptyexecvp() which would not work on Solaris
- Slight bugfix in the NASL interpretor

. changes by Georges Dagousset (georges at alert4web.com)
- More optimizations
- Properly reloads KBs with the same value defined more than once
- Fixes in some plugins dependencies

. changes by Michael Slifcak <Michael.Slifcak at guardent.com>
- More nmap options
- Quiet mode in nessus-adduser

1.1.7 :

. changes by Renaud Deraison (deraison at nessus.org)
- Compiles on platforms without OpenSSL
- Better Solaris support
- Ported under Darwin (many thanks to Dieter Fiebelkorn
  (dieter at fiebelkorn.net) who actually started the port and helped
  me test this)
- Unscanned ports can now be considered as closed or open (instead of
  just open), at user choice
- Upgraded to libtool 1.4.2
- fixed a bug in the client which would make it display the wrong report
  when doing multiple scans
- enhanced the plugins filter (that appear when pressing 'l' in the GUI)
- fixed a serious problem in the SMB plugins which would prevent them to work
  against Samba and which would make them slow against Windows (pointed out
  by Georges Dagousset)

. changes by Iouri Pletnev (Iouri.Pletnec at xacta.com)
- Ported under Cygwin

. changes by Michel Arboi (arboi at algoriel.fr)
- Added nessus-mkrand for hosts with no /dev/random AND no EGD
  running

1.1.6 :

. changes by Renaud Deraison (deraison at nessus.org)
- EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket
  in nessus-libraries)
- KB items are now stored with individual dates instead of a global
  date for the whole KB file. Yes, this means you have to delete your
  old KB files
- When an host could not be pinged, his KB is not altered (nor created)
- fixed memory leaks in nessusd
- nessus-mkcert checks that the certificates were really created
  before congratulating the user
- fixed a security problem where anybody with a shell on the nessusd
  host could log in

1.1.5 :

. changes by Georges Dagousset (georges.dagousset at alert4web.com) :
- new KB entries for further "optimizations"
- improved find_services.nes

. changes by Renaud Deraison (deraison at nessus.org) :
- cleaned up the KB
- added doc/kb_entries.txt
- bugfix in find_services regarding the pem password
- new reporting GUI
- fixed a problem which would leave some plugin run against a host
  considered as dead
- the KB are now stored with properly escaped \n and \r chars
- greatly improved tcp_ping.nasl (and tcp_ping() in libnasl)

. changes by Michel Arboi (arboi at algoriel.fr) :
- replaced PEKS by OpenSSL in the client/server communication

. changes by H D Moore (hdm@@secureaustin.com)
- fixed no404.nasl

1.1.4 :

. changes by Renaud Deraison (deraison at nessus.org) :
- fixed find_services.nes
- plugins that are slow to finish are _really_ killed by the server
- the client better handles the scan of big networks
- nmap_wrapper now updates its progress bar
- nessus-update-plugins support proxies (with or without authentication)
- monitor_backend.c and data_mining.c allow any developer to plug
  a database behind the client (by default flatfiles are used)
- bug fixed in nmap_wrapper which would make it kill its parent
  process randomly
- minor fix in the tcp_ping() function of NASL (ack would be set
  to non-zero for a syn packet)
- fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes

. changes by Michel Arboi (arboi at noos.fr) :
- find_services accepts password-protected .pem files
- patches in the way files were transmitted between the client
  and the server (which could end up in a deadlock)

. changes by Alexis de Bernis <alexisb at tpfh.org) :
- fixed ftp_write_dirs.nes

1.1.3 :

. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'torturecgis.nasl' which supplies bogus args to
  the remote CGIs, in order to find the most blantantly broken
  ones
- webmirror.nasl now retrieves the list of arguments of each
  CGI.
- added filter support in the client. Use the key 'l' to filter
  out plugins you don't want to see.
- added the 'safe checks' option which allow the user to not disturb
  the network (but which weakens the Nessus tests)
- disabled backward support for port 3001 - the official port
  is 1241 now.

1.1.2 :

. changes by Renaud Deraison (deraison at nessus.org) :
- added the plugin 'webmirror.nasl', which extracts the list of
  CGIs used by a remote web server (and will do much more).
- fixed a problem in NASL due to the SSL patch that would cause
  a fd leak with some plugins.
- added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins
  that may harm the remote host.
- SSL certificates & key can be imported
- corrected a bug introduced in 1.1.0 that would make the client not display
  the name of the plugin currently being run.
- sending signal SIGUSR1 to nessusd makes the grandfather process (the one
  who listens on tcp ports) die without killing its children, thus
  allowing a smooth upgrade of nessusd
- updated config.guess and config.sub

1.1.1 :

. changes by Renaud Deraison (deraison at nessus.org) :
- fixed mem leaks in NASL
- fixed a bug introduced in 1.1.0 regarding recv_line()
- fixed a bug introduced in 1.1.0 in the process management of the plugins
  (all the KB would not be filled, resulting in incomplete tests)
- smb_sid2user.nasl is twice as fast ;)

1.1.0 :

. changes by Devin Kowatch (devink at SDSC.EDU) :
- fixed communication problem between client and server
- user-defined timing policy in nmap
- nessus-update-plugins uses wget (or any user-supplied command at
  compilation time) if available.

. changes by Michel Arboi (arboi at bigfoot.com) :
- support for the -T option of nmap
- SSL support

. changes by Zorgon (zorgon at antionline.org) :
- support for the --os_guess option of nmap

. changes by Renaud Deraison (deraison at nessus.org) :
- the user can upload files to plugins through the client (ie: it is possible
  to upload nmap's results directly to the nmap plugin)
- tests can be run in parallel now
- each user is now granted a home by nessus-adduser
- added nessus-rmuser
- per users plugins

Of course several new plugins were added as well.
@
text
@d3 3
a5 3
--- nessusd/Makefile.orig	Mon Dec 17 16:11:41 2001
+++ nessusd/Makefile	Fri May 10 13:44:13 2002
@@@@ -52,7 +52,7 @@@@
@


1.1
log
@Initial revision
@
text
@d3 3
a5 3
--- nessusd/Makefile-orig	Sat Jul 29 20:59:43 2000
+++ nessusd/Makefile	Sat Jul 29 21:00:10 2000
@@@@ -42,7 +42,7 @@@@
d9 2
a10 2
-	$(CC) $(CFLAGS) $(NESSUS_INCLUDE) $(OBJS)  -o nessusd $(LIBS)
+	$(CC) $(CFLAGS) $(NESSUS_INCLUDE) $(OBJS)  -o nessusd $(LIBS) $(RUN_LIBS)
d12 1
a12 1
 users.o : users.c users.h
@


1.1.1.1
log
@Initial import of nessus-core 1.0.3, the Core module of the Nessus Network
Security Scanner. Based on work from Hubert Feyrer for some former version.
@
text
@@


1.1.1.1.2.1
log
@Merge from pkgsrc-current to buildlink2 branch.
@
text
@d1 1
a1 1
$NetBSD: patch-aa,v 1.2 2002/05/10 13:18:46 frueauf Exp $
d3 3
a5 3
--- nessusd/Makefile.orig	Mon Dec 17 16:11:41 2001
+++ nessusd/Makefile	Fri May 10 13:44:13 2002
@@@@ -52,7 +52,7 @@@@
d9 2
a10 2
-	$(CC) $(LDFLAGS) $(NESSUS_INCLUDE) $(OBJS)  -o nessusd $(LIBS)
+	$(CC) $(LDFLAGS) $(NESSUS_INCLUDE) $(OBJS)  -o nessusd $(LIBS) $(RUN_LIBS)
d12 1
a12 1
 users.o : cflags users.c users.h
@