Command Line Examples
This section provides some examples of common audits used for Cisco iOS compliance checks. The nasl
command line binary is used as a quick means of testing audits on the fly. Each of the .audit files demonstrated below can easily be dropped into your Nessus scan policies. For quick audits of one system, however, command-line tests are more efficient. The command will be executed each time from the /opt/nessus/bin directory as follows:
# ./nasl -t <IP> /opt/nessus/lib/nessus/plugins/cisco_compliance_check.nbin
where <IP> is the IP address of the system to be audited.
The “enable” password is requested:
Which file contains your security policy ? cisco_test.audit
SSH login to connect with : admin
How do you want to authenticate ? (key or password) [password]
SSH password :
Enter the 'enable' password to use :
Consult your Cisco administrator for the correct “enable” login parameters.
This section includes the following information: