| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Resolved | Dwisehaupt | T243110 OKR 2019-2020 Q3: Increase visibility and awareness of Fundraising system health and wellness | |||
| Resolved | Dwisehaupt | T243639 Research and test software to apply system configuration compliance checks. | |||
| Resolved | Dwisehaupt | T244784 Puppetize squid for proxy use |
Event Timeline
Comment Actions
Currently testing and configuring Nessus for this purpose. Will be working with security on licensing after we verify it meets our needs.
Comment Actions
Testing with the current proxy setup has led to some issues around the CONNECT method. Testing out the possibility of using a different proxy method (SOCKS, squid) to see if there is more success there.
Comment Actions
Squid has been successfully set up in T244784. Proxy sites added to squid. ( [frack::puppet] 2626163d Add proxy sites for nessus updates )
Plugin update tested and successful.
[Fri Feb 21 18:36:53 2020][875.17] Started plugin update (/opt/nessus/var/nessus/tmp/nessus-28-2123989267-1667821056/all-2.0.tar.gz) [Fri Feb 21 18:37:11 2020][875.17] Finished plugin update [Fri Feb 21 18:37:11 2020][875.1] Nessus is reloading: Plugin auto-update
Still to do:
- request proper license
- configure scans across a wider set of hosts
- look at authenticated scan options
Comment Actions
Nessus is in place. Accounts created. Initial regularly scheduled scans set up and running.