Vulnerability scans in Risk Automation Suite using SecureRecon with Nessus are not running or completing. The error below is showing in the RAS vulnerability scan history.

There was no output data from scanner. Scanner IP : x.x.x.x [date and time][17247.0] SSL_CTX_set_cipher_list: error:140E6118:SSL routines:SSL_CIPHER_PROCESS_RULESTR:invalid command [date and time][17247.0] SSL_connect: error:14094413:SSL routines:SSL3_READ_BYTES:sslv3 alert unsupported certificate nessus : SSL error

1. Login to RAS portal and delete the current Nessus scanner
2. Edit nessusd.conf and remove the line: “ssl_cipher_list =SSLv2:-LOW:-EXPORT:RC4+RSA”
3. Restart nessus:
   service nessusd stop
   service nessusd start
4. Stop SecureRecon
5. cd /securerecon
6. mv RASAgent.conf RASAgent.conf.old
7. Reconfigure SecureRecon 
   ./SecureRecon –s
   SecureRecon version 5.0.1.18, copyright Symantec Corporation 2010
   Which scanner do you want to integrate with? [0]
   [0] Nessus
   Enter the full path to the Nessus client executable (0) :/opt/nessus/bin/nessus
   Enter the full path to the Nessus configuration file () : /opt/nessus/etc/nessus/nessusd.conf
   Enter the full path to the Nessus plugins directory () : /opt/nessus/lib/nessus/plugins
   Enter the Nessus server IP/hostname () :localhost
   Enter the Nessus port (0) :1241
   Enter the Nessus user () :…..
   Enter the Nessus user's password () : ……
   Enter the number of IP addresses to batch per scan (10) :5
   Enter the number of the output file type you want to use (0)
   [0] .nbe
   [1] .nessus
   enter 1
   Enter the number of the logging level you want to use (0)
   [0] Low
   [1] Medium
   [2] High
   enter 2
   SecureRecon interactive setup is complete.
    
8. Register SecureRecon
   ./SecureRecon -r <RAS_portal_name_or_IP> <RAS_user> <RAS_password>
9. Start SecureRecon
   /root/startsr
10. Run a scan from RAS
     

Applies To

Risk Automation Suite 4.0.4 running on Windows Server 2003 Enterprise

SecureRecon 5 and Nessus 4 running on SuSE Enterprise 5