ACAS Nessus Parser User Guide
ACAS_Nessus_Parser_User_Guide
User Manual: Pdf
Open the PDF directly: View PDF .
Page Count: 8
Download | |
Open PDF In Browser | View PDF |
ACAS NESSUS PARSER USER GUIDE Author: Jennifer Gregorio 7/17/2017 Getting Started Nessus is a security scanning tool which scans a computer and finds any vulnerabilities that hackers could use to gain access to computers you have connected to a network. The Nessus Parser is a tool that parses one or more files from a Nessus Scan into a format that can be imported into other applications. For each device recorded within the Nessus file, a series of data points are collected and formatted for an import into another application. Among the collected data points are the MAC addresses, which are used to match a device to a vendor designated by the organization unique identifier. The vendor is then recorded and used to create the appropriate Qualified name for the device, based on the vendor information. The oui.csv file contains the first six alphanumeric characters of the MAC address and pairs it with a vendor. The vendors.csv file contains a list of vendors and the qualified names for each. To use the Nessus Parser, you must have the oui.csv, vendors.csv, NessusParser_vendor_oui.jar (executable jar file), and the Nessus files that you want parsed installed on your computer. Run the NessusParser_vendor_oui.jar file. The window that opens will look like Figure 1: Figure 1 Before you begin using this tool, you want to make sure you have the most recent version of the oui.csv file which includes the list of MAC addresses and vendors. In the top left corner click the Tools dropdown menu and click Update MAC Address Data as seen in Figure 2. Figure 2 The window seen in Figure 3 will pop up with instructions on how to update your oui.csv file: Figure 3 Upon clicking the link, you will be brought to the website (Figure 4) where you can download the most recent version of the oui.csv. The blue arrow shows which file you should be downloading. Make sure your oui.csv, vendors.csv, and NessusParser_vendor_oui.jar files are all saved in the same directory. Figure 4 To open the Nessus files that you need parsed, click the File dropdown menu in the top left corner and click Open. Figure 5 A File Chooser will pop up as seen in Figure 6. From here you can navigate to the directory where you have your Nessus files. Figure 6 Select one or more Nessus files that you need and click Open, the following screen (Figure 7) will show up: Figure 7 To create the vendor file needed for the Nessus Parsser, navigate to the communications profile inside MagicDraw. Create a report to extract vendors and set the file layout to include columns for the sequence names, vendor names, and MagicDraw qualified names. The first few rows should look like Figure 8. Figure 8 Filtering Results In some cases, you may want to filter the results to only see a certain type of operating system, vendor, FQDN, etc. At the top of the window in the Search bar you can type in a keyword and press Enter on your keyboard to filter the results. As an example, Figure 9 shows the data filtered by the word “mac”: Figure 9 To get back to the original table without any filter results click in the All Results button to the right of the Search bar. Saving Results as MBSE CSV Import In the top left corner click File, then go to Save Results, and click MBSE CSV Import as seen in Figure 10. Figure 10 A File Saver will pop up as seen in Figure 11. From here you can navigate to the directory where you want to save the csv files and click Save. (Figure 11) Figure 11 A message will pop up telling you that three csv files have been saved to the directory path that you selected. Now, when you navigate to the directory that you selected (Figure 12), you will see that a connector-ends.csv, host-ports.csv, and an importSpreadsheet.csv file appear, which can now be imported into other applications. Figure 12 The importSpreadsheet.csv includes the information that is displayed within the window of the Nessus Parser; connector-ends.csv records network connections between devices; and host-ports.csv collects the port, protocol, and service name within each host. Note that if you imported multiple Nessus files to be parsed, these files will be aggregated to the same three export csv files. Here is what the first few lines of each file should look like: importSpreadsheet.csv: connector-ends.csv: host-ports.csv: In future versions of the Nessus Parser, you will be able to save results into a Cassandra Database.
Source Exif Data:
File Type : PDF File Type Extension : pdf MIME Type : application/pdf PDF Version : 1.7 Linearized : No Page Count : 8 Language : en-US Tagged PDF : Yes XMP Toolkit : 3.1-701 Producer : Microsoft® Word 2016 Creator : Jennifer Gregorio Creator Tool : Microsoft® Word 2016 Create Date : 2017:07:17 09:48:31-04:00 Modify Date : 2017:07:17 09:48:31-04:00 Document ID : uuid:2202FF5E-C2EA-4CBD-A158-23DD1467D272 Instance ID : uuid:2202FF5E-C2EA-4CBD-A158-23DD1467D272 Author : Jennifer GregorioEXIF Metadata provided by EXIF.tools