Quick Fix for MacFuse 2.1.7 on 64-bit Snow Leopard

Posted: March 4th, 2011 | Author: | Filed under: IT Related | Tags: , , , | 1 Comment »

You can get from this unofficial update : https://caurea.org/2009/09/15/unofficial-macfuse-release-for-64bit-kernels/


Using AlienVault NVT Feed with Nessus 4 on Mac

Posted: March 21st, 2010 | Author: | Filed under: IT Related | Tags: , , , , , | 6 Comments »

Here is my simple howto and modified AlienVault NVT sync script to be use with Nessus 4 on Mac OS

First thing first, you need to have Nessus and MacPorts installed

Then install the md5sha1sum package

sudo port install md5sha1sum

Use the following modified script and let it automagically fetch the NVT feed for you

#!/bin/bash
#
# OpenVAS
# Description: Synchronize with with NVT feed.
# This shell script synchronizes the local set of
# OpenVAS Network Vulerability Tests (NVTs) and
# associated includefiles with a given upstream
# feed of updated or new files.
#
# Authors:
# Lukas Grunwald <l.grunwald@dn-systems.de>
# Jan-Oliver Wagner <jan-oliver.wagner@intevation.de>
# xanda <adnanDOTshukorATgmailDOTcom>
#
# Copyright DN-Systems Enterprise Internet Solutions GmbH 2007
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Slight modifications, 2008/07 AlienVault VRT - code@alienvault.com
# Slight modifications, 2008/08 Vlatko Kosturjak Kost <kostATlinuxDOThr>
# Slight modifications, 2010/03 xanda - adnanDOTshukorATgmailDOTcom
 
 
SCANNER=$1
 
if [ "x$SCANNER" = "x" ]
then
    echo "Usage: $0 nessus"
    exit
fi
 
if [ ! $SCANNER = "nessus" ]
then
    echo "Usage: $0 nessus"
    exit
fi
 
# Plugin dir
if [ "x$NVT_DIR" = "x" ]; then
       # Plugin dir
       if [ $SCANNER = "nessus" ]; then
               NVT_DIR="/Library/Nessus/run/lib/nessus/plugins"
       fi
fi
 
# The URL of the plugin feed
FEED=rsync://feed.alienvault.com:/nvt-feed
 
findcmd()
{
  CMD=$1
 
SRCH=/usr/bin:/usr/ucb:/usr/sbin:/sw/bin:/sbin:/usr/local/bin:/usr/local/sbin:/opt/local/bin:/opt/local/sbin
  SAVEIFS=$IFS
  IFS=:
  set $SRCH
  IFS=$SAVEIFS
  for dir
    do
      [ -x $dir/$CMD ] && {
                echo $dir/$CMD
                return
                }
   done
}
 
chk_system_tools(){
echo "Searching for required system tools ..."
 
RSYNC=`findcmd rsync`
MD5SUM=`findcmd md5sum`
 
if [ -z "$RSYNC" ]; then
  echo "Error: RSYNC not found";
  exit -1
fi
 
if [ -z "$MD5SUM" ]; then
  echo "Error: MD5SUM not found";
  exit -1
fi
}
 
sync_nvts (){
  echo "Synchonizing NVTs via RSYNC ..."
 
  mkdir -p "$NVT_DIR"
  eval "rsync -av --progress \"$FEED\" \"$NVT_DIR\""
 
  echo "Synchronization successful."
}
 
echo "AlienVault NVT Feed Sync"
echo " "
echo "Configured Scanner: $SCANNER"
echo "Configured NVT Feed: $FEED"
echo "Synchronized into: $NVT_DIR"
echo " "
echo " "
 
chk_system_tools
sync_nvts
 
echo " "
echo " "
echo "Please restart your scanner daemon"
chmod +x alienvault-nvt-feed.sh

Make sure you stop the Nessus server first before run the script!

sudo ./alienvault-nvt-feed.sh nessus

Enjoy! 😉