View previous topic :: View next topic |
Author |
Message |
The Dark Tux's lil' helper
Joined: 01 Feb 2003 Posts: 126 Location: BACK ON PLANET GENTOO
|
Posted: Wed Mar 19, 2003 4:22 pm Post subject: nessus ssl error |
|
|
Hello there.
When i try to login in nessus i get a ssl error.
Code: | SSL_connect[9330]: error:00000000:lib(0):func(0):reason(0) |
Does anybody know how to fix this..??? _________________ -=The Dark=-
Linux Rules
i686 Pentium III (Coppermine) GenuineIntel
http://www.gentoo.org |
|
Back to top |
|
|
The Dark Tux's lil' helper
Joined: 01 Feb 2003 Posts: 126 Location: BACK ON PLANET GENTOO
|
Posted: Thu Mar 20, 2003 9:58 am Post subject: |
|
|
nobody has a fix..???? _________________ -=The Dark=-
Linux Rules
i686 Pentium III (Coppermine) GenuineIntel
http://www.gentoo.org |
|
Back to top |
|
|
The Dark Tux's lil' helper
Joined: 01 Feb 2003 Posts: 126 Location: BACK ON PLANET GENTOO
|
Posted: Sat Mar 22, 2003 5:51 pm Post subject: |
|
|
eeh...
Hello, so nobody has had this error before..?? _________________ -=The Dark=-
Linux Rules
i686 Pentium III (Coppermine) GenuineIntel
http://www.gentoo.org |
|
Back to top |
|
|
garvald n00b
Joined: 31 Jan 2003 Posts: 13
|
Posted: Sun May 25, 2003 9:16 pm Post subject: |
|
|
hi there - I have the same problem - been trying to find out the solution for a while but can't - did you get it working eventually ?
g4rvald |
|
Back to top |
|
|
The Dark Tux's lil' helper
Joined: 01 Feb 2003 Posts: 126 Location: BACK ON PLANET GENTOO
|
Posted: Sun May 25, 2003 10:25 pm Post subject: |
|
|
garvald wrote: | hi there - I have the same problem - been trying to find out the solution for a while but can't - did you get it working eventually ?
g4rvald |
Well kinda got it working, not in the way i wanted to but yeah it's working.
But i don't think yah gonna like the way i did it but here goes.
It's simple.. i got MAD and reinstalled GENTOO. But this time i made shure
that my /etc/make.conf contained the words .
I think that the first time that i forgot to include this into my /etc/make.conf.
Still don't know how to really fix this problem, but this 2 DAY compiling aproach did it for me.
So i wish you luck, but snoop around a little before you take the 1 to 3 day CompileWay, maybe there a nother user who fixed the problem.
GOOD LUCK. _________________ -=The Dark=-
Linux Rules
i686 Pentium III (Coppermine) GenuineIntel
http://www.gentoo.org |
|
Back to top |
|
|
markan18 n00b
Joined: 17 Apr 2003 Posts: 11 Location: wonderland
|
Posted: Sat May 31, 2003 8:10 pm Post subject: ssl error solved :-) |
|
|
I all, i got this mysterious ssl error too and i solved it.
To do so, i used strace. Just after a client connects to the socket, nessusd reads hosts.allow and hosts.deny. Nessusd seems to deny connection if hosts.deny tells it to do so no matter the content of hosts.allow.
I simply emptied my hosts.deny file to get nessusd to accept the connection and get rid of the ssl error.
I used to think a server should accept a connection if it is explicitly allowed in host.allow no matter the content of host.deny but nessusd behaves differently.
All the time, i try to connect from localhost.
Here is the content of my hosts.allow file
ALL: 127.0.0.1/255.0.0.0
ALL: 192.168.20.0/255.255.255.0
I used to put ALL: ALL in my hosts.deny file but i got ssl errors this way.
I can sucessfully connect if my hosts.deny file is empty. _________________ emerge -u beer |
|
Back to top |
|
|
garvald n00b
Joined: 31 Jan 2003 Posts: 13
|
Posted: Sun Jun 01, 2003 11:18 pm Post subject: hosts.allow hosts.deny |
|
|
damn
you're right
I eventually got nessus working with the new nessus-installer.sh script available through the nessus website and I didnt have a clue why.
I didnt think about hosts.allow however. Nessus is compiled on gentoo with tcp-rwapper support, however it isnt with the sh install script that nessus.org hands out.
So anyway, here are the correct settings:
in /etc/hosts.deny:
ALL: ALL
in /etc/hosts.allow:
nessusd: ALL@127.0.0.1
you should NOT remove ALL: ALL from hosts.deny unless you definately know what you are doing or just dont have any services runnin
thanks again though |
|
Back to top |
|
|
The Dark Tux's lil' helper
Joined: 01 Feb 2003 Posts: 126 Location: BACK ON PLANET GENTOO
|
Posted: Mon Jun 02, 2003 4:56 pm Post subject: Re: hosts.allow hosts.deny |
|
|
garvald wrote: | damn
you're right
I eventually got nessus working with the new nessus-installer.sh script available through the nessus website and I didnt have a clue why.
I didnt think about hosts.allow however. Nessus is compiled on gentoo with tcp-rwapper support, however it isnt with the sh install script that nessus.org hands out.
So anyway, here are the correct settings:
in /etc/hosts.deny:
ALL: ALL
in /etc/hosts.allow:
nessusd: ALL@127.0.0.1
you should NOT remove ALL: ALL from hosts.deny unless you definately know what you are doing or just dont have any services runnin
thanks again though |
As you see there's always someone with the correct fix.
Thank you guys.. _________________ -=The Dark=-
Linux Rules
i686 Pentium III (Coppermine) GenuineIntel
http://www.gentoo.org |
|
Back to top |
|
|
markan18 n00b
Joined: 17 Apr 2003 Posts: 11 Location: wonderland
|
Posted: Fri Jun 06, 2003 1:32 am Post subject: Re: hosts.allow hosts.deny |
|
|
garvald wrote: | damn
you should NOT remove ALL: ALL from hosts.deny unless you definately know what you are doing or just dont have any services runnin
thanks again though |
Don't worry for me. Im behind my firewall and i have no services that starts automatically at boot, not even sshd!. I start servers only when i need them and nobody on the internet can reach them anyway. I use iptables to manage access to public services because i fear that not all servers will honor settings in hosts.allow and hosts.deny _________________ emerge -u beer |
|
Back to top |
|
|
|