Nessus Scan on BT4

[fossilk1]

Code:

 
Scan time :

Start time : 
Sun May 10 09:35:27 2009
End time : 
Sun May 10 09:37:40 2009


Number of vulnerabilities :

Open ports : 
2
Low : 
12
Medium : 
8
High : 
18

I just did a clean install with ufw enabled and this was my log on my local ip address. Is this accurate? And if so I don't know how i am gonna fix all these lol.

[three3]

Code:

 
Scan time :

Start time : 
Sun May 10 09:35:27 2009
End time : 
Sun May 10 09:37:40 2009


Number of vulnerabilities :

Open ports : 
2
Low : 
12
Medium : 
8
High : 
18

I just did a clean install with ufw enabled and this was my log on my local ip address. Is this accurate? And if so I don't know how i am gonna fix all these lol.

Hey I think you are forgetting something mate The report details... Generally bear in mind that the toolset in every backtrack distro have many tools that were not created with security in mind. I mean in security about the code of the tool itself. So the tools of backtrack may contain vulnerabilities like B.O. making it a vulnerable distro. This is expected since Backtrack was not created as a distro for your everyday need, but for making security tests.

--three3

[Archangel-Amael]

I just did a clean install with ufw enabled and this was my log on my local ip address. Is this accurate? And if so I don't know how i am gonna fix all these lol.

I posted an intro tutorial to using ufw here on the forums. You might wanna take a look at it.
There are also some other guides to be found on the inturweb, and the man page. Just enabling the firewall really doesn't do much, by itself.

[fossilk1]

Hey I think you are forgetting something mate The report details... Generally bear in mind that the toolset in every backtrack distro have many tools that were not created with security in mind. I mean in security about the code of the tool itself. So the tools of backtrack may contain vulnerabilities like B.O. making it a vulnerable distro. This is expected since Backtrack was not created as a distro for your everyday need, but for making security tests.

--three3

I have seen your tutorial and have done the necessary changes to ufw but still have those vulnerabilities. I would like to make BT a distro for certain needs.

an apt-get upgrade might fix all these open doors, but also that bug which screws up startx you also have to account for.

[Archangel-Amael]

I have seen your tutorial and have done the necessary changes to ufw but still have those vulnerabilities. I would like to make BT a distro for certain needs.

an apt-get upgrade might fix all these open doors, but also that bug which screws up startx you also have to account for.

Two immediate options come to mind
One the fix-kde script on mut's blog and two use it as a live-cd it's fire and forget.

[fossilk1]

The apt-get upgrade did fix all the vulnerabilities, But WOW, such a pain in the ass to get BT4 back to normal. Everything was scrambled around, but most of the fixes were just reinstalling apps again.

Now all High/Medium vulnerabilities are completely gone.

[moonman]

Hi, i have a problem with my nessus on BT4.
The install was all fine, for the server and the client.
Now i start the server --> it is Ok
then i start the client
Server: localhost
port: 4616

and i can't connect to the Server.

please help me

big THX

[thorin]

@moonman
Did you configure a user?

Seems like a little RTFM would go a long way here.

@fossilk1

I just did a clean install with ufw enabled and this was my log on my local ip address. Is this accurate?

With no access to or background on the system in question how would we possibly be able to answer this question?

And if so I don't know how i am gonna fix all these lol.

I think you need to read up on Nessus and how to use it. The report for each specific issue includes a solution.