Been hacking on Sussen this weekend. I fixed up the code that generates the OVAL results, resolved the remoting issues from the other day, and started on the network scan code. So far it can only do a port scan using with Nmap or the internal port scanner.
I’m looking to get started on the Gtk# client this afternoon. If things go good hopefully I’ll be able to start merging code into the Windows branch tonight.
Been trying to fix some bugs in my OVAL intrepeter code. I had built and tested the code as a standalone application but now that I’ve integrated it into my remoting code I’m having issues.
The error of the day is:
Object reference not set to an instance of an object
I also changed some of the layout of the code. Sussen.Oval is more generic now. The platform specific code goes into Sussen.Oval.[PlatformName]. For example the RedHat code is located in Sussen.Oval.Redhat.
That’s it for now. I need to get back to bug hunting.
Today, I’m working on getting the client, server and agent communicating via .NET Remoting. I had previously written some code for this purpose and it does work but I feel it could be of better quality.
If you’ve been tracking the code repository you probably noticed I re-added the NASL interpreter code yesterday. The interpreter can still only parse NASLs but not yet execute them.
I’m still stuck on how I’m going to finish the code and I’m not likely to figure it all out for the next release. That being the case, I’ll probably just make this an optional/experimental feature you can enable in Sussen.
Once I figure it all out and having things working I’ll make it enabled by default in future Sussen releases.
Created a new sussen-win branch in the Sussen code repository. To check out a copy, you would do the following:
svn co http://svn.mmgsecurity.com/svn/sussen/branches/sussen-win
It includes the necessary Visual Studio .NET solution/project files to build the project. I haven’t re-created the Setup/Installer yet but that will be coming soon.
Also got started on sussen-agent and sussen-server. The agent gets installed on machines and is used to perform assessments using OVAL test definitions.
The server’s job is to take requests from the client and respond to them (duh!). The server will be able to control agent(s) or do an assessment itself using Nessus NASLs.
Feels like things are finally starting to come together.
Been working on a vulnerability assessment the last couple of days for a new client . I just finished that up this afternoon.
Anyway with that done, I can now get back to working on Sussen. I’ve been tossing around a couple of ideas of how to handle the Windows branch and how to re-integrate the Sussen 0.10 code I previously wrote. More on that later.
Heard from Guido today after a long silence about including LAT in Debian. It couldn’t be in Sarge because Mono isn’t in there and given that the Debian guys just froze Sarge for release that isn’t going to change.
Guido is travelling right now but will be back home in June. Once he’s back he plans to upload LAT into etch, which is where Mono will probably end up.
That’s fine with me. I’m not planning on making another release of LAT till around then anyway. I’m focusing on Sussen work right now.
Up early and hacking away on Sussen. Almost have the OVAL results being generated like I want, just a couple of minor issues remain. Some of the code landed in the repository yesterday, I haven’t checked it all in yet.
Copyright © 2009 Loren Bandiera’s weblog All rights reserved. Theme by Laptop Geek.