Usage: Viewing the Data
Viewing the data is as easy as using any standard database client for the database you are using. As seen in these screenshots with Sequel Pro:
NessusDB
NessusDB is a Nessus parser that converts the generated reports into an ActiveRecord database, which allows for easy report generation and vulnerability verification.
Version 1.4.2 is the current release.
Requirements
Ruby
NessusDB has been tested with ruby-1.8.7-p334, ruby-1.9.1-p431 and ruby-1.9.2-p180. Please try to use one of these versions if possible. I recommend using RVM to set up your Ruby environment; you can get it here.
RubyGems
NessusDB relies heavily on RubyGems to install other dependencies, so I highly recommend using it. RubyGems is included by default in the Ruby 1.9 branches.
- libxml
- rails
- yaml
- logger
- rmagick
- gruff
- prawn
- mysql
Developmental Requirements
These are all available through RubyGems. They should be installed automatically when you install nessusdb. If not, this command will install them all:
% gem install rmagick gruff prawn sham faker rspec rcov machinist yard mysql libxml-ruby rails sqlite3 logger yaml
You may need sudo/root access depending on your system setup.
Any database that ActiveRecord supports should work. NessusDB has been tested with MySQL and SQLite3.
Installation
Installation is really easy: just gem install!
% gem install nessusdb
Database Setup
% nessusdb --create-config
% $EDITOR nessusdb.cfg
% nessusdb --create-tables
- Generate the nessusdb.cfg file.
- Edit the nessusdb.cfg file, filling in the variables as needed. Please see ActiveRecord for more details.
- Migrate the database schema.
Parsing Nessus Output
% nessusdb report1.nessus [report2.nessus ...]
- Parse the files by passing their names on the command line.
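To illustrate what this step extracts, here is an added example (not NessusDB's own parser, which relies on libxml) that reads a constructed .nessus v2 fragment with Ruby's REXML and fills the Host columns seen in the console output further down this page. The tag-to-column mapping and the parse_hosts helper are assumptions made for the example; the sample values are built from the Host record shown on this page.

```ruby
require 'rexml/document'

# Constructed sample in the .nessus v2 layout (not real scan output).
SAMPLE_NESSUS = <<~XML
  <NessusClientData_v2>
    <Report name="constructed-example">
      <ReportHost name="10.69.69.74">
        <HostProperties>
          <tag name="HOST_START">Wed Apr 20 16:29:37 2011</tag>
          <tag name="operating-system">Linux Kernel 2.6 on Debian 4.0 (etch)</tag>
          <tag name="host-ip">10.69.69.74</tag>
          <tag name="host-fqdn">redada.hammackj.net</tag>
          <tag name="netbios-name">REDADA</tag>
        </HostProperties>
        <ReportItem port="22" svc_name="ssh" protocol="tcp" severity="2" pluginID="0" pluginName="constructed medium finding"/>
        <ReportItem port="80" svc_name="www" protocol="tcp" severity="3" pluginID="0" pluginName="constructed high finding"/>
        <ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="0" pluginName="constructed info item"/>
      </ReportHost>
    </Report>
  </NessusClientData_v2>
XML

# Assumed mapping from HostProperties tag names to the Host columns on this page.
TAG_TO_COLUMN = {
  'HOST_START' => :start, 'HOST_END' => :end,
  'operating-system' => :os, 'mac-address' => :mac,
  'host-ip' => :ip, 'host-fqdn' => :fqdn, 'netbios-name' => :netbios
}.freeze

# Returns one hash per ReportHost: Host-style columns plus findings per severity.
# Unmapped tags are ignored; columns whose tag is absent stay nil.
def parse_hosts(xml)
  doc = REXML::Document.new(xml)
  doc.get_elements('//ReportHost').map do |rh|
    host = { name: rh.attributes['name'] }
    TAG_TO_COLUMN.each_value { |col| host[col] = nil }
    rh.get_elements('HostProperties/tag').each do |tag|
      col = TAG_TO_COLUMN[tag.attributes['name']]
      host[col] = tag.text if col
    end
    host[:severity_counts] = Hash.new(0)
    rh.get_elements('ReportItem').each do |item|
      host[:severity_counts][item.attributes['severity'].to_i] += 1
    end
    host
  end
end

parse_hosts(SAMPLE_NESSUS).each { |h| puts h.inspect }
```

Report text such as plugin output and host names originates from the scanned systems, so anything that stores or renders it should treat it as untrusted input.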
Viewing Data
The data can be viewed with a query browser available for your database. A Rails front end will be available in the future.
Generating Reports
To generate a technical summary report, execute the following after the data is parsed into the database.
% nessusdb -t "TEMPLATE_PATH" -o "REPORT_NAME.pdf"
NessusDB Console
Using the NessusDB Console is just like using Rails. You can access all of the ActiveRecord models directly and pull specific data from each model. Like SQL only easier!
[hammackj@taco:~/Projects/public/nessusdb]$ ../bin/nessusdb --console
_ _
_ __ ___ ___ ___ _ _ ___ __| | |__
| '_ \ / _ \/ __/ __| | | / __|/ _` | '_ \
| | | | __/\__ \__ \ |_| \__ \ (_| | |_) |
|_| |_|\___||___/___/\__,_|___/\__,_|_.__/
NessusDB Console v1.4.2
>> Host.first
=> #<NessusDB::Models::Host id: 1, report_id: 1, name: "10.69.69.74", os: "Linux Kernel 2.6 on Debian 4.0 (etch)", mac: "XX:XX:XX:XX:XX:XX", start: "2011-04-20 16:29:37", end: "2011-04-20 16:32:14", ip: "10.69.69.74", fqdn: "redada.hammackj.net", netbios: "REDADA", local_checks_proto: nil, smb_login_used: nil, ssh_auth_meth: nil, ssh_login_used: nil, pci_dss_compliance: nil, notes: nil>
Templates
Several templates are included:
- graphs.rb - several graphs written to disk as png's and as a complete pdf
- technical_findings.rb - a detailed pdf of the high and medium findings from the assessment
- finding_statistics.rb - this is a pdf summary of the assessment
- assets.rb - this is a summary of all the hosts found during the scan
- pci_compliance.rb - this generates a list of hosts that pass or fail pci/dss auditing
- exec_summary.rb - A sample executive summary report
- executive_summary.rb - A more detailed sample executive summary report
- findings_summary.rb - A summary of all the findings report
- ms_update_summary.rb - a summary of all the Windows Update enabled hosts
- ms_patch_summary.rb - a summary of all the missing windows patches
- cover_sheet.rb - an example coversheet report
- findings_host.rb - list of findings per host
The templates are located in the nessusdb/templates folder, wherever the gem was installed. On a typical Mac OS X install the path is:
[hammackj@taco:~]$ ruby -v
ruby 1.8.7 (2009-06-12 patchlevel 174) [universal-darwin10.0]
[hammackj@taco:~]$ l /Library/Ruby/Gems/1.8/gems/nessusdb-1.4.0/lib/nessusdb/templates/
total 40
drwxr-xr-x 7 hammackj admin 238B Oct 21 19:24 ./
drwxr-xr-x 8 hammackj admin 272B Oct 21 19:24 ../
-rw-r--r-- 1 hammackj staff 695B Mar 9 15:59 assets.rb
-rw-r--r-- 1 hammackj staff 691B Mar 9 15:59 cover_sheet.rb
drwxr-xr-x 3 hammackj staff 102B Mar 9 15:59 data/
-rw-r--r-- 1 hammackj staff 2.0K Mar 9 15:59 exec_summary.rb
-rw-r--r-- 1 hammackj staff 6.7K Mar 9 15:59 executive_summary.rb
-rw-r--r-- 1 hammackj staff 724B Mar 9 15:59 finding_statistics.rb
-rw-r--r--@ 1 hammackj staff 1.2K Mar 17 14:55 findings_host.rb
-rw-r--r-- 1 hammackj staff 1.5K Mar 9 15:59 findings_summary.rb
-rw-r--r-- 1 hammackj staff 831B Mar 9 15:59 graphs.rb
-rw-r--r-- 1 hammackj staff 1.2K Mar 9 15:59 host_summary.rb
-rw-r--r-- 1 hammackj staff 663B Mar 9 15:59 ms_patch_summary.rb
-rw-r--r-- 1 hammackj staff 924B Mar 9 15:59 ms_update_summary.rb
-rw-r--r-- 1 hammackj staff 1.6K Mar 9 15:59 pci_compliance.rb
-rw-r--r-- 1 hammackj staff 2.8K Mar 9 15:59 technical_findings.rb
[hammackj@taco:~]$
The templates are written in Ruby using prawn, and they are fairly easy to make. I will add any templates as requested.
Issues
If you have any problems, bugs or feature requests please use the github issue tracker.
Contact
You can reach me at jacob[dot]hammack[at]hammackj[dot]com.