Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
nessus ssl error
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
The Dark
Tux's lil' helper
Tux's lil' helper


Joined: 01 Feb 2003
Posts: 126
Location: BACK ON PLANET GENTOO

PostPosted: Wed Mar 19, 2003 4:22 pm    Post subject: nessus ssl error Reply with quote

Hello there.
When i try to login in nessus i get a ssl error.
Code:
SSL_connect[9330]: error:00000000:lib(0):func(0):reason(0)

Does anybody know how to fix this..???
_________________
-=The Dark=-
Linux Rules
i686 Pentium III (Coppermine) GenuineIntel
http://www.gentoo.org
Back to top
View user's profile Send private message
The Dark
Tux's lil' helper
Tux's lil' helper


Joined: 01 Feb 2003
Posts: 126
Location: BACK ON PLANET GENTOO

PostPosted: Thu Mar 20, 2003 9:58 am    Post subject: Reply with quote

nobody has a fix..???? :cry:
_________________
-=The Dark=-
Linux Rules
i686 Pentium III (Coppermine) GenuineIntel
http://www.gentoo.org
Back to top
View user's profile Send private message
The Dark
Tux's lil' helper
Tux's lil' helper


Joined: 01 Feb 2003
Posts: 126
Location: BACK ON PLANET GENTOO

PostPosted: Sat Mar 22, 2003 5:51 pm    Post subject: Reply with quote

eeh... 8O

Hello, so nobody has had this error before..??
_________________
-=The Dark=-
Linux Rules
i686 Pentium III (Coppermine) GenuineIntel
http://www.gentoo.org
Back to top
View user's profile Send private message
garvald
n00b
n00b


Joined: 31 Jan 2003
Posts: 13

PostPosted: Sun May 25, 2003 9:16 pm    Post subject: Reply with quote

hi there - I have the same problem - been trying to find out the solution for a while but can't - did you get it working eventually ?

g4rvald
Back to top
View user's profile Send private message
The Dark
Tux's lil' helper
Tux's lil' helper


Joined: 01 Feb 2003
Posts: 126
Location: BACK ON PLANET GENTOO

PostPosted: Sun May 25, 2003 10:25 pm    Post subject: Reply with quote

garvald wrote:
hi there - I have the same problem - been trying to find out the solution for a while but can't - did you get it working eventually ?

g4rvald

Well kinda got it working, not in the way i wanted to but yeah it's working.
But i don't think yah gonna like the way i did it :oops: but here goes.
It's simple.. i got :evil: :evil: MAD and reinstalled GENTOO. But this time i made shure
that my /etc/make.conf contained the words
Code:
ssl
.
I think that the first time that i forgot to include this into my /etc/make.conf.
Still don't know how to really fix this problem, but this 2 DAY compiling aproach did it for me.
So i wish you luck, but snoop around a little before you take the 1 to 3 day CompileWay, maybe there a nother user who fixed the problem.
GOOD LUCK.
_________________
-=The Dark=-
Linux Rules
i686 Pentium III (Coppermine) GenuineIntel
http://www.gentoo.org
Back to top
View user's profile Send private message
markan18
n00b
n00b


Joined: 17 Apr 2003
Posts: 11
Location: wonderland

PostPosted: Sat May 31, 2003 8:10 pm    Post subject: ssl error solved :-) Reply with quote

I all, i got this mysterious ssl error too and i solved it.
To do so, i used strace. Just after a client connects to the socket, nessusd reads hosts.allow and hosts.deny. Nessusd seems to deny connection if hosts.deny tells it to do so no matter the content of hosts.allow.
I simply emptied my hosts.deny file to get nessusd to accept the connection and get rid of the ssl error.

I used to think a server should accept a connection if it is explicitly allowed in host.allow no matter the content of host.deny but nessusd behaves differently.

All the time, i try to connect from localhost.

Here is the content of my hosts.allow file

ALL: 127.0.0.1/255.0.0.0
ALL: 192.168.20.0/255.255.255.0

I used to put ALL: ALL in my hosts.deny file but i got ssl errors this way.
I can sucessfully connect if my hosts.deny file is empty.
_________________
emerge -u beer
Back to top
View user's profile Send private message
garvald
n00b
n00b


Joined: 31 Jan 2003
Posts: 13

PostPosted: Sun Jun 01, 2003 11:18 pm    Post subject: hosts.allow hosts.deny Reply with quote

damn
you're right
I eventually got nessus working with the new nessus-installer.sh script available through the nessus website and I didnt have a clue why.
I didnt think about hosts.allow however. Nessus is compiled on gentoo with tcp-rwapper support, however it isnt with the sh install script that nessus.org hands out.

So anyway, here are the correct settings:

in /etc/hosts.deny:
ALL: ALL

in /etc/hosts.allow:
nessusd: ALL@127.0.0.1

you should NOT remove ALL: ALL from hosts.deny unless you definately know what you are doing or just dont have any services runnin :)

thanks again though
Back to top
View user's profile Send private message
The Dark
Tux's lil' helper
Tux's lil' helper


Joined: 01 Feb 2003
Posts: 126
Location: BACK ON PLANET GENTOO

PostPosted: Mon Jun 02, 2003 4:56 pm    Post subject: Re: hosts.allow hosts.deny Reply with quote

garvald wrote:
damn
you're right
I eventually got nessus working with the new nessus-installer.sh script available through the nessus website and I didnt have a clue why.
I didnt think about hosts.allow however. Nessus is compiled on gentoo with tcp-rwapper support, however it isnt with the sh install script that nessus.org hands out.

So anyway, here are the correct settings:

in /etc/hosts.deny:
ALL: ALL

in /etc/hosts.allow:
nessusd: ALL@127.0.0.1

you should NOT remove ALL: ALL from hosts.deny unless you definately know what you are doing or just dont have any services runnin :)

thanks again though

As you see there's always someone with the correct fix.
Thank you guys..
_________________
-=The Dark=-
Linux Rules
i686 Pentium III (Coppermine) GenuineIntel
http://www.gentoo.org
Back to top
View user's profile Send private message
markan18
n00b
n00b


Joined: 17 Apr 2003
Posts: 11
Location: wonderland

PostPosted: Fri Jun 06, 2003 1:32 am    Post subject: Re: hosts.allow hosts.deny Reply with quote

garvald wrote:
damn

you should NOT remove ALL: ALL from hosts.deny unless you definately know what you are doing or just dont have any services runnin :)

thanks again though


Don't worry for me. Im behind my firewall and i have no services that starts automatically at boot, not even sshd!. I start servers only when i need them and nobody on the internet can reach them anyway. I use iptables to manage access to public services because i fear that not all servers will honor settings in hosts.allow and hosts.deny
_________________
emerge -u beer
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum