nessus-check-signature

nessus-check-signature - A simple utility to check (or generate) the signature of plugins retrieved from www.nessus.org

nessus-check-signature [-S] filename [signaturefile]

nessus-check-signature is a simple utility used by nessus-update-plugins to check the signatures of the Nessus plugins downloaded from www.nessus.org. When executed and provided both an archive and a signaturefile it will verify if the file matches the signature and if the signature matches the nessus_org.pem certificate. It can also generate the signatures for the plugins distributed by www.nessus.org but you will, obviously, need the private certificate file to do so. You can, however, customise the code to use an alternate certificate file and generate plugins distributions files for third party servers.

I -S

To check the signature for all the plugins downloaded from the Nessus servers use: nessus-check-signature all-2.0.tar.gz all-2.0.sig

nessus-check-signature will return with a 0 value if the signature matches and will return with an error value (1) if the signature does not match or if any other error is found.

nessus-update-plugins(1), nessus-fetch (1)

The canonical place where you will find more information about the Nessus project is :

nessus-check-signature is (C) 2004 Tenable Network Security

This manpage was written by Javier Fernandez-Sanguino for the Debian distribution, and is distributed under the GPL.